Recently, public transportation operator Prasarana Malaysia Berhad (Prasarana) has experienced a cyberattack. A recent report by Kaspersky’s Industrial Control Systems Computer Emergency Response Team (ICS CERT) shows that there’s been a big increase in cyberattacks on Malaysian businesses.

Moreover, experts believe ransomware is the reason behind the cyberattacks on Prasarana. This is one of many cases of cyberattacks, and Kaspersky reports 30 confirmed cyberattacks in important sectors in the first few months this year. It includes transportation, logistics, utilities, energy, engineering, and mining.

The Ransomware Epidemic

Image via The LSS Store

Ransomware is a big problem for all kinds of organizations all over the world. Kaspersky’s research found that in 2023, ransomware attacks made up one-third of every cyber incident. This type of attack is still growing. With a 23% increase in attacks, targeting vulnerable Windows drivers during the second quarter of 2024. These vulnerabilities can be used for all sorts of malicious activities. Ransomware and advanced persistent threat (APT) campaigns are two of the most common cyberattacks to look out for.

The General Manager of Southeast Asia at Kaspersky, Yeo Siang Tiong stated that although system drivers are legitimate software, they are vulnerable to malicious exploitation. He said:

Attackers employ diverse techniques to install these vulnerable drivers on target systems. Once loaded by the operating system, these drivers can be weaponized to bypass the kernel’s security protections and execute malicious code.

Yeo Siang Tiong, Kaspersky’s General Manager of Southeast Asia

The Growing Threat Landscape

Image via GovInsider

In Malaysia, the Kaspersky Security Network found a huge number of incidents involving serves in the second quarter of 2024. Kaspersky products also detected over 4.6 million local incidents on the computers, with worms and file viruses being the most common threats. On top of that, there were 9.7 million different internet-based cyber threats in the same period.

Because of these challenges, the Malaysian government has made the Cyber Security Act to make the country’s cybersecurity better. Yeo noted it is a good move as ransomware cyberattacks are becoming more prevalent, businesses need to have strong cybersecurity to protect against more complicated attacks.

Best Practices To Prevent Cyberattack

To protect against software, Kaspersky experts encourage companies to follow these best practices:

1. Regularly update all your devices to fix any security holes that attackers could use.
2. Keep an eye out for strange activities in your network and any important data leaving your system, which could be a sign of cybercriminals at work.
3. Use tools like the free Kaspersky Anti-Ransomware Tool for Business to keep your computers and servers safe from malware.
4. Use a security information and event management (SIEM) tool, like the Kaspersky Unified Monitoring and Analysis Platform (KUMA), to quickly look at security events.
5. Use Advanced Threat Solutions: Invest in anti-APT and endpoint detection and response (EDR) tools to quickly find and fix problems.
6. Regularly check and audit your supply chain and services you use to lower the risks.
7. Use the latest Threat Intelligence to stay updated on actual TTPs used by threat actors.
8. Pick from Kaspersky’s products that give you real-time protection and a good view of the threats so that any organization can deal with cyber threats.

In short, the cyber security situation in Malaysia is changing and the risks are more alarming. With cyber threats growing, businesses need to do things to make their defenses stronger. It’s time for organizations to ensure their cybersecurity is up with the times, and bolster their readiness, and ensure safety with Kaspersky.