BALI (Indonesia): The financial sector remains the top sector experiencing cyber attacks in Malaysia this year despite growing cyber resilience and awareness among financial institutions, as global cybersecurity firm Kaspersky highlighted.
Kaspersky Southeast Asia general manager Yeo Siang Tiong said following closely the financial sector is the government sector as well as the healthcare sector, where phishing is the most prevalent form of cyber attack.
He said the same trend was also observed in other Asean countries this year.
“The financial sector is where the money is, while the government and healthcare sectors contain a lot of data, including personal data, which has a lot of value for cyber attackers to gain benefit from.
“There is also the espionage component in these sectors, while the other form of attack that we see more often is the ransomware attack, where attackers are doing ransomware-as-a-service (RaaS), as well as cryptojacking,” he told Bernama on the sidelines of the Kaspersky Cyber Security Weekend 2023 here.
Nevertheless, he said that despite facing the most attacks, the financial sector has seen some improvement in cyber resilience after the Bank Negara Malaysia (BNM) instructed banks to follow the Risk Management in Technology (RMiT) framework.
Collaboration with government agencies
In addressing the rising threat and risk of cyber attacks from the government’s perspective, Yeo said that there is a need for the government to address the issue from a regulatory standpoint as well as a policy standpoint.
“On our front, we are working very closely and have collaboration with the National Cyber Security Agency (NACSA) and Cybersecurity Malaysia (CSM) from the government side so that we can share information with them and then they get early signals from us if we see anything is happening,” he said.
Within this year, NACSA visited Kaspersky’s Data Centre and Transparency Centre in Switzerland, while CSM paid a visit to Kaspersky’s Transparency Centre in the Netherlands recently.
“The Malaysian government is looking at the possibilities of making some changes to the two agencies involved in cybersecurity, and we are still waiting for the outcome of the recent visits.
“Of course, we are still talking to both teams quite intensively as we wait for the final outcomes,” he said.
Meanwhile, from the corporate front, he said organisations need to learn and do their due diligence by exercising a fair share process to protect their own environment, and from consumers’ perspectives, awareness is the most effective way.
“The execution process of adopting cyber security is the next crucial step for the industry. At Kaspersky, we will always go to the industry whenever things are coming up right on our end.
“Once we see any impending attacks or hear any noise on the dark web, we will definitely collaborate with them,” he said.
Cyber security future
With the digital economy growing rapidly across the Asean region at an expected growth rate of 20 per cent year-on-year, more data will be used by the industry, which requires more protection for its information technology (IT) and operational technology (OT).
Kaspersky announced that the company detects an average of 400,000 new malicious attacks on a daily basis and has been responding to the detection by using the latest technology.
“There is no way for a cyber security company to process all these new detections, and that is why the artificial intelligence (AI) rules come in as we detect the emergence of new malware or new ways of doing things involving cyber risk,” he said.
In the meantime, the global cybersecurity company highlighted that AI has emerged as a powerful tool in the field of cybersecurity and beyond, with the arrival of ChatGPT in November 2022 triggering debates and conversations on AI.
It showed the tangible effects of this neural network technology and revealed AI’s potential to disrupt industries globally.
Kasperksy has since revolutionised things by finding a way to develop IT systems with “innate” protection—cyber immunity—a concept that implies the overwhelming majority of cyber attack types are ineffective and cannot affect a system’s critical functions in the usage scenarios specified at the design stage.
“Kaspersky Cyber Immunity is an approach we recently trademarked in both the United States and the European Union,” he said.
He said Kaspersky Cyber Immunity embodied a secure-by-design system that made it possible to create solutions that are virtually impossible to compromise and that minimise the number of potential vulnerabilities.
“In an age where technology can be used by good guys and bad guys alike, traditional cybersecurity is no longer enough.
“We need to revolutionise our defences to ensure we create a more secure digital world,” Kaspersky chief executive officer Eugene Kaspersky said. – BERNAMA
