CYBERJAYA- MCMC is investigating the news report issued by local
online news portal, The Malaysia Insider, at around 3:00 pm yesterday
with the headline stating “Malaysia Uses Spyware against Own Citizens,
NYT Reports”.
![GE13 BULLYING BEGINS: MCMC probes false reporting by local online news portal]()
MCMC would like to state that this report is speculative and ill-
researched. The online portal appears to have failed to verify the
veracity of the report from the New York Times, nor checked the facts
which are available online and had made its own conclusions on the
matter.
An excerpt from the full report by The Citizen Lab, an interdisciplinary laboratory based at the University of Toronto, Canada (https://citizenlab.org/2013/03/you-only-click-twice-finfishers-global- proliferation-2/) states that the discovery of the FinSpy C+C server in a given country cannot conclusively indicate that the country is using the FinSpy on its citizens.
The report added, “Importantly, we believe that our list of servers is incomplete due to the large diversity of ports used by FinSpy servers, as well as other efforts at concealment. Moreover, discovery of a FinSpy command and control server in a given country is not a sufficient indicator to conclude the use of FinFisher by that country’s law enforcement or intelligence agencies. In some cases, servers were found running on facilities provided by commercial hosting providers that could have been purchased by actors from any country.”
A further report from another group of researchers based in the U.S.A., Rapid7 Community, also gave similar comments: (https://community.rapid7.com/community/infosec/blog/2012/08/08/finfisher)
Read More / Baca Lagi >>
MCMC would like to state that this report is speculative and ill-
researched. The online portal appears to have failed to verify the
veracity of the report from the New York Times, nor checked the facts
which are available online and had made its own conclusions on the
matter.An excerpt from the full report by The Citizen Lab, an interdisciplinary laboratory based at the University of Toronto, Canada (https://citizenlab.org/2013/03/you-only-click-twice-finfishers-global- proliferation-2/) states that the discovery of the FinSpy C+C server in a given country cannot conclusively indicate that the country is using the FinSpy on its citizens.
The report added, “Importantly, we believe that our list of servers is incomplete due to the large diversity of ports used by FinSpy servers, as well as other efforts at concealment. Moreover, discovery of a FinSpy command and control server in a given country is not a sufficient indicator to conclude the use of FinFisher by that country’s law enforcement or intelligence agencies. In some cases, servers were found running on facilities provided by commercial hosting providers that could have been purchased by actors from any country.”
A further report from another group of researchers based in the U.S.A., Rapid7 Community, also gave similar comments: (https://community.rapid7.com/community/infosec/blog/2012/08/08/finfisher)