Many organisations in Malaysia still remain aloof against cyber threats, making them vulnerable to disasters.
CyberSecurity Malaysia (CSM) has pointed out that the lack of resources, tools, processes and personnel makes it difficult for them to establish security operations centres (SOCs) and to gather cybersecurity threat intelligence (CTI) to pre-empt such attacks.
CSM CEO Amirudin Wahab emphasises recently that without adequate defensive mechanisms, these organisations face an arduous task of detecting, while small companies often assume that being tiny makes them a less likely target, the fact is that it is more lucrative to jam the muzzle on them.
“They may think they are not worth the trouble or resources but with problems such as Log4j and other major vulnerabilities, these businesses get swept up in attacks that aren’t explicitly targeted at them,” he added.
The threat of cyberattacks has risen exponentially over the last two to three years, mainly arising from the shift to remote or hybrid work necessitated by the Covid-19 pandemic. A total of 4,741 cases of cyber threats were reported in Malaysia last year. The high internet penetration rate of 97%, high usage of digital payments and progressively high adoption of technology, which accelerated during the pandemic, have made Malaysia particularly vulnerable.
In January, deputy communications and digital minister Teo Nie Ching said cybercrimes resulted in losses of almost RM600 million last year. Malaysia came in second with a 197% increase, followed by Thailand with 63%, Indonesia with 46% and the Philippines with 29%
As Kaspersky general manager for Southeast Asia Yeo Siang Tiong sees it, with the reopening of borders and markets this year, it has become more essential now for businesses to spend more to strengthen their defences.
The rising popularity of the hybrid work model has left companies more vulnerable. Going hybrid opens businesses to three types of threats — phishing, malware and data leaks.
Amirudin said there is also a misconception that such threats come into a company’s IT system only through emails via computers. However, cyber criminals have become more sophisticated and are using telephone calls and mobile messaging services as conduits to deliver such threats.
“An example is the Macau Scam, which utilises the phone, social engineering and the internet to fool victims,” he said.
As Malaysia becomes more digitally-connected, more people will be exposed to cyberattacks as the Internet of Things (IoT) eases access to various devices. As such, the responsibility to prevent cyber attacks falls on the shoulder of every stakeholder. For instance, in a business, the company’s board of directors is as accountable as the IT department.
In January and February alone the National Scam Response Centre (NSRC), which was set up in October 2022 to coordinate rapid response to online financial scams, received 3,482 genuine calls.
Under Budget 2023, the NSRC has been allocated RM10 million to upgrade its equipment and raise awareness on cybersecurity.
Communications and Digital Minister Fahmi Fadzil said yesterday (May 19) cybersecurity is a collective responsibility that requires active participation of the people.
“It is a critical issue that affects governments, businesses and individuals alike. By educating ourselves and adopting safe digital practices, we can create a culture of cybersecurity that extends beyond this conference,” he said in his opening speech at Asia Pacific Cybersecurity Conference 2023, organised by the Institute of Management Sarawak (MASA) and Sarawak Information Systems Sdn Bhd (SAINS) in Kuching.
“In today’s interconnected world, where our lives are increasingly shaped by digital technologies, the protection of our online assets and the safeguarding of our digital identities have become paramount.
“The rapid advancement of technology has brought numerous benefits, but it has also opened new avenues for cyber threats and attacks,” he added.
The three-day conference, which starts today, bring together cybersecurity experts to discuss and share insights on the latest cybersecurity trends, threats, and solutions.
Fahmi said the conference, which brings together cybersecurity experts to discuss and share their insights on the latest cybersecurity trends, threats and solutions, offers great networking opportunities that will strengthen the community’s collective cybersecurity defenses.
“I encourage each and every one of you to engage in meaningful conversations, exchange ideas, and forge partnerships that will contribute to a safer digital ecosystem,” he said.
