Ransomware Targets 2.74% Of Malaysian Firms In 1Q26

Some 2.74% of Malaysian small and medium businesses (SMBs) tracked by Kaspersky were targeted by ransomware in the first quarter of 2026 (1Q26), up from 2.09% in the same period last year.

The increase mirrors a broader rise across Southeast Asia, where 3.51% of SMBs in Kaspersky’s ecosystem were targeted by ransomware attacks in 1Q26 compared to 2.92% in 1Q25.

According to Kaspersky, India recorded the highest increase among the markets analysed, rising from 3.18% to 4.07%, followed by Indonesia from 2.83% to 4.01%. Singapore also saw ransomware incidents rise from 0.57% to 0.69%.

Kaspersky said ransomware detection figures may not reflect the full scale of attacks, as cybercriminals often conduct multi-stage operations involving initial access, reconnaissance and lateral movement before deploying encryption malware.

The report identified Clop as the most prevalent ransomware group in 1Q26, accounting for 14.42% of victims listed on ransomware groups’ dedicated leak sites, followed by Qilin at 12.34%. The Gentlemen, a ransomware group that emerged in July 2025, ranked third as its activities expanded rapidly.

Kaspersky said ransomware groups are increasingly using double extortion tactics, where attackers encrypt data and threaten to leak stolen information if demands are not met.

The cybersecurity firm urged businesses to strengthen defences through regular software updates, offline backups, endpoint detection and response solutions, and incident response plans to mitigate ransomware risks.

Latest News

Must read