Small and medium businesses (SMBs) remain to be the backbone of Malaysia. In fact, 97.4% of the country’s business establishments belong to this sector and contribute 38.4% of Malaysia’s gross domestic product (GDP) and 42.8% to local employment.
Kaspersky’s latest data shows that SMBs here are not spared from cybersecurity threats.
In the first half of 2023, 290 SMB employees encountered malware or unwanted software disguised as business applications, with 193 unique files distributed this way. The total number of detections of these files was 2,184.
Malware, an umbrella term for “malicious software”, is designed by and for professional cybercriminals to cause harm to a user’s device or network. It encompasses a variety of cyber threats such as Trojans and viruses (ransomware is a form of malware). Malware attacks are destructive to small businesses as they can cripple devices requiring expensive repairs or replacement. Malwares also give attackers a back door to access and steal data, putting both customers and employees at risk.
The statistics used in this report were collected by Kaspersky Security Network (KSN), a system for processing anonymized cyberthreat-related data shared voluntarily by Kaspersky users.
To assess the threat landscape for the SMB sector, Kaspersky experts collected the names of the most popular software products used by its clients who owned small or medium-sized businesses around the world.
The final list of the software includes MS Office, MS Teams, Skype and others used by the SMB sector. Kaspersky team then ran these software names against Kaspersky Security Network (KSN) telemetry to find out how much malware and unwanted software was distributed under the guise of these applications.
“As cybercriminals target SMBs with all types of threats — from malware disguised as business software to elaborate phishing and e-mail scams — businesses need to stay on high alert. This is critical, because a single cyberattack can lead to catastrophic financial and reputational loss for a company, regardless of its size,” says Yeo Siang Tiong, General Manager of Southeast Asia at Kaspersky.
CyberSecurity Malaysia received 3,327 cyber incident reports as of July 2023, with 62% focused on fraud.
“While the data gathered by our analysts shows that the cybercriminals are active during the first half of the year and the trend seems the same for both 2022 and 2023, we do not encourage SMBs to put their guards down. CyberSecurity Malaysia shared recently that the Malaysian SMB lacks sufficient cybersecurity awareness and acceptance in their businesses to deal with the growth of technology. So, for us at Kaspersky, we encourage SMB owners to seek help when they needed because cybercrime is a societal issue that needs multi-stakeholder approach,” adds Yeo.
