In the face of escalating cyber threats, Malaysia is intensifying its cybersecurity strategy, focusing on a significant rise in fraud incidents and the alarming trend of double extortion ransomware attacks.
With over 4,000 incidents reported in 2024, experts emphasise the need for a comprehensive incident response framework, proactive collaboration across sectors, and the implementation of new legislation.
As the nation aims to safeguard critical infrastructure and leverage emerging technologies, CyberSecurity Malaysia, the national cybersecurity specialist agency under the purview of the Ministry of Communications and Multimedia Malaysia (KKMM) CEO Dr Haji Amirudin Abdul Wahab said a “coordinated approach” is essential to bolster resilience against sophisticated cyber adversaries.
He speaks to iTNews Asia on the necessity of continuous risk assessments and legislative support to fortify the nation’s cybersecurity defenses amidst evolving challenges.
iTNews Asia: What are the most significant cyber threats facing Malaysia today, and how are they evolving?
Dr Wahab: In Malaysia, particularly through Cyber Security Malaysia’s Cyber 999 Help Centre, we’ve recorded 4,174 incidents as of August 2024. Fraud stands out as the most significant issue, with 2,778 cases reported. Other threats include malicious code, such as ransomware, and content-related intrusions like hacking attempts. Overall, fraud remains the largest threat to the public.
iTNews Asia: Can you discuss the latest trends in ransomware attacks and how organizations can better protect themselves?
Dr Wahab: Ransomware is a growing threat in Malaysia and the broader APAC region, primarily stemming from exploited vulnerabilities, compromised credentials, phishing, and brute force attacks. Various organizations, particularly in the financial sector, are being targeted. The worrying trend now is double extortion, where attackers not only encrypt files but also exfiltrate sensitive data, threatening to publish or sell it if the ransom isn’t paid – making payment no guarantee of data security.
Access to ransomware tools has become easier through ransomware-as-a-service offerings on the dark web, requiring less technical skill to launch attacks. Overall, financial gain is a key motive behind these threats, reflecting a broader trend seen across the region.
iTNews Asia: What are the key steps organisations should take immediately after a cyber incident?
Dr Wahab: Even before an incident occurs, it’s essential to have an incident response plan in place, clearly defining roles and responsibilities within the organisation. Procedures must be established for staff, particularly technical teams, to manage incidents effectively. Clear communication is crucial, both internally and externally, to ensure all relevant stakeholders can contribute to recovery efforts. Additionally, managing public concerns is vital, especially as incident reporting becomes increasingly important.
Malaysia has introduced the Cybersecurity Act 854, which focuses on protecting critical national information infrastructure and mandates the reporting of incidents, with penalties for non-compliance. Therefore, organisations, especially those in critical sectors, must have an incident response plan and dedicated teams to enhance their cybersecurity posture and manage communications.
iTNews Asia: What steps can organizations take internally to enhance their cybersecurity practices?
Dr Wahab: It’s crucial to conduct regular audits or health checks of the organisation’s cyber ecosystem. Without these assessments, it’s difficult to identify areas for improvement against potential cyber threats. Regular audits are vital for risk assessment, and adopting global best practices should become part of the organization’s culture.
Regarding collaboration in cybersecurity, no entity can address challenges alone; domestic partnerships among public, private, academic sectors, and the community are essential. Internationally, collaboration through bilateral and multilateral platforms allows for sharing information, threat intelligence, and best practices. Since attackers operate as teams, a siloed approach will leave everyone vulnerable to attacks.
iTNews Asia: What measures are being taken to secure Malaysia’s critical infrastructure against cyber threats?
Dr Wahab: Malaysia has implemented several initiatives, including a program called SiberKASA, which aims to strengthen the cyber ecosystem through awareness and educational training. This program focuses on three key areas: people, processes, and technology.
Apart from Cyber Security Act 854, government has made amendments to the Personal Data Protection Act 2010 to improve data protection and address data breach incidents. The government is also working on an Online Safety Act to protect internet users.
iTNews Asia: How does Cybersecurity Malaysia engage with international partners to combat cybercrime?
Dr Wahab: In terms of collaboration, we have been actively engaged at the international level for some time. Cyber Security Malaysia is a key player in the Asia Pacific region, currently serving as the Deputy Chair of the Asia Pacific Computer Emergency Response Team. We are also the past chair and now the permanent secretary of the OIC Computer Emergency Response Team, participating in various activities and programs within the ASEAN community. This collaboration extends nationally, where we work alongside our peers from the National Security Agency to foster bilateral and multilateral relationships with cybersecurity agencies globally. We believe that working together, both domestically and internationally, is essential for effective cybersecurity.
iTNews Asia: How do you see emerging technologies like AI and machine learning influencing the future of cybersecurity?
Dr Wahab: Emerging technologies, particularly AI, are currently a major focus in cybersecurity discussions both in Malaysia and globally. AI presents a dual-edge opportunity – while it can enhance threat intelligence and automate detection and response, it can also be exploited by attackers.
According to a recent World Economic Forum survey, about 56 percent of AI benefits go to attackers over defenders. Additionally, quantum technology poses a significant threat to current encryption methods, potentially rendering public key infrastructure obsolete. As quantum computing becomes more advanced, particularly by 2030, there’s an urgent need for post-quantum cryptography to protect infrastructure. The combination of AI and quantum technologies could create powerful new threats, making it crucial for defenders to stay vigilant and prepared.