BALI (Indonesia), Aug 27 — Financial sector remains the top sector experiencing cyber attacks in Malaysia this year despite growing cyber resilience and awareness among the financial institutions, global cybersecurity firm Kaspersky highlighted.
Kaspersky Southeast Asia general manager Yeo Siang Tiong said following closely the financial sector is the government sector as well as healthcare sector where phishing is the most prevalent form of cyber attack.
He said the same trend was also observed in other Asean countries this year.
“The financial sector is where the money is while the government and healthcare sectors contain a lot of data including personal data which have a lot of value in those data for cyber attackers to gain benefit from them.
“There is also the espionage component in these sectors while the other form of attacks that we see more often include the ransomware attack, where attackers are doing the ransomware-as-a-service as well as cryptojacking,” he said on the sidelines of the Kaspersky Cyber Security Weekend 2023 here.
Nevertheless, he said albeit facing the most attacks, the financial sector has seen some improvement in cyber resilience after the Bank Negara Malaysia (BNM) instructed banks to follow the Risk Management in Technology (RMiT) framework.
Collaboration with government agencies
In addressing the rising threat and risk of cyber-attacks from the government perspective, Yeo said that there is a need for the government to address the issue from a regulation standpoint as well as policy standpoint.
“On our front, we are working very closely and have collaboration with National Cyber Security Agency (NACSA) and Cybersecurity Malaysia (CSM) from the government side so that we can share information with them and then they get early signals from us if we see anything is happening.”
Within this year, NACSA visited Kaspersky’s Data Centre and Transparency Centre in Switzerland while CSM paid a visit to Kaspersky’s Transparency Centre in the Netherlands recently.
“The Malaysian government is looking at the possibilities of making some changes to the two agencies involved in cybersecurity and we are still waiting for the outcome from the recent visits.
“Of course, we are still talking to both teams quite intensively as we wait for the final outcomes”
Meanwhile, on the corporate front, he said organisations need to learn and do their due diligence by exercising a fair share process to protect their own environment and from consumers’ perspective, awareness is the most effective way.
“The execution process of adopting cyber security is the next crucial step for the industry. At Kaspersky, we will always go to the industry whenever things are coming up right on our end.
“Once we see any impending attacks or hear any noise in the dark web, we will definitely collaborate with them,”
Cyber security future
With the digital economy growing rapidly across the Asean region at an expected growth rate of 20 per cent year-on-year, more data will be used by the industry, and it requires more protection on its information technology and operational technology.
Kaspersky announced that the company detected an average of 400,000 new malicious attacks on a daily basis and have been responding to the detection by using the latest technology.
“There is no way for a cyber security company to process all these new detections and that is why the artificial intelligence (AI) rules come in as we detect the emergence of new malware or new ways of doing things involving cyber risk.”
In the meantime, the global cybersecurity company highlighted that AI has emerged as a powerful tool in the field of cybersecurity and beyond with the arrival of ChatGPT in November 2022 triggering debates and conversations on AI.
It showed the tangible effects of this neural network technology and revealed AI’s potential to disrupt industries globally.
Kasperksy has since revolutionised things by finding a way to develop IT systems with “innate” protection — Cyber Immunity, a concept that implies the overwhelming majority of cyber-attack types are ineffective and cannot affect a system’s critical functions in the usage scenarios specified at the design stage.
“Kaspersky Cyber Immunity is an approach we recently trademarked in both the United States and the European Union.”
He said Kaspersky Cyber Immunity embodied a secure-by-design system that made it possible to create solutions that are virtually impossible to compromise and that minimise the number of potential vulnerabilities.
“In an age where technology can be used by good guys and bad guys alike, traditional cybersecurity is no longer enough.
“We need to revolutionise our defences to ensure we create a more secure digital world,” said Kaspersky chief chief executive officer Eugene Kaspersky.
— Bernama
