Cybercrime incidents on the rise in Malaysia, says Sophos

Lee says according to MyCert, cybercriminals were using Android malware to steal victims’ online banking credentials in Malaysia.

Lee says according to MyCert, cybercriminals were using Android malware to steal victims’ online banking credentials in Malaysia.

-A +A

KUALA LUMPUR (Aug 31): The number of reported cybercrime incidents in Malaysia has grown over time, especially with banks and their customers as targeted victims.

In an exclusive interview with theedgemarkets.com, British-based security software and hardware company Sophos Group plc’s managing director for Greater China, Southeast Asia and Korea Sandra Lee said while the firm does not have the exact data on the number of ransomware attacks and its impact on Malaysian financial services, there are some recent examples of attacks that underline the importance of cybersecurity.

She said that earlier this month, Affin Hwang urged its customers to refer to an advisory by the Malaysia Computer Emergency Response Team (MyCert) about a fraud campaign called SMSSpy.

Lee said according to MyCert, cybercriminals were using Android malware to steal victims’ online banking credentials in Malaysia.

She said recently, there has been a cybersecurity breach affecting one of the largest online payment providers in Malaysia, namely iPay88 .

It was revealed that it has suffered a cybersecurity breach incident in which consumer credit card data may have been compromised, she said.

Ransom paid

Lee said Sophos found that 52% of financial services organisations paid the ransom to restore their data, which is higher than the global average across all industries at 46%.

“However, paying up does not always pay off.

“Of those who paid the ransom, 99% got some encrypted data back and only 10% retrieved all their data

“On the bright side, 62% of financial services organisations attacked were able to recover from the attack in just a week, compared with the average of 53% across sectors such as healthcare, education and others,” she said.

Lee said this suggests that the financial services sector has developed strong layered defences against ransomware attacks, which includes cyber insurance where 83% of the organisations in the financial services sector stating they had cyber insurance coverage.

Cause for such attacks

Lee said cybercriminals are far more devious and effective than those of generations past.

“According to our State of Ransomware 2022 report, 79% of Malaysian organisations have been hit by ransomware, with 48% reporting that the volume of cyberattacks has increased.

“There are a variety of underlying causes, from zero-day vulnerabilities and misconfigurations to simple human error. Whatever the cause, such attacks can be devastating for victims. There is a need to further strengthen the cybersecurity defences,” she said.

Cyber insurance

Lee said despite cyber insurance being a relatively new idea, demand is growing rapidly, and one can now find a handful of companies offering cyber insurance.

She said that in Malaysia, about 81% of organisations have cyber insurance that covers ransomware attacks, with 33% of these having exceptions/exclusion in their policy, which is similar with the global average.

“Cyber insurance is becoming harder and more expensive to get due in part to an increase in attacks.

“However, it’s meant that in order to get cyber insurance, companies are required to have solid protections in place, which means that overall defences have improved,” she said.

Tips to prevent or face ransomware attacks

Lee said among the best practices for organisations to help defend against ransomware and related cyberattacks are:

  1. Be prepared, but not hit, rather than the other way round. Prepare for the worst. Know what to do if a cyber incident occurs and keep the plan updated.
  2. Make backups and keep a copy offline.
  3. Install and maintain high-quality defences across all points in the organisation’s environment.
  4. Use layered protection to block attackers at as many points as possible across the business.
  5. Proactively hunt for threats to identify and stop adversaries before they can execute their attacks.
  6. Do not pay the ransom. If payment is made, the adversaries will restore, on average, only two-thirds of your files.
  7. Have a malware recovery plan.