THE manufacturing, government, technology, media, and telecommunications sectors were the top targets of cyberthreats last year.
This finding, among other critical insights, is featured in the fifth edition of Ensign InfoSecurity's Cyber Threat Landscape Report, which uses the cybersecurity firm's proprietary and cyberthreat intelligence sources.
According to Ensign, the rankings of the most-targeted sectors have changed substantially from the previous year.
The company said Malaysia has emerged as an attractive destination for multinationals relocating their high-tech manufacturing businesses.
However, this sector has become a prime target for cybercriminals due to several factors: the possession of valuable data such as contracts, supplier details, trade secrets, industrial designs and personal information; the operation of continuously running machinery, where disruptions could impact safety or business operations; and, generally lower cyber hygiene compared with more tightly regulated industries.
Similarly, the report said the government sector is a lucrative target for cyberthreats, holding valuable data related to national security, citizens, and public services. With growing geopolitical interests and fragmentation, government agencies face increased targeting for political leverage.
The report also highlighted that ransom was the primary motive behind more than half of all observed cyberattacks in Malaysia (58.2 per cent), where attackers sought to financially exploit victims through extortion.
"The marked increase in targeted attacks on essential sectors, such as manufacturing and the government, signals an urgent need for a more comprehensive and coordinated approach to cybersecurity in these areas," said Ensign InfoSecurity Malaysia general manager Chee Yee Cheng.
"Through Ensign's Cyber Threat Landscape Report, we hope to help establish more rigorous cyber hygiene standards and practices, ensuring that these sectors are adequately prepared to defend against and deter cybercriminals."
This trend reflects a global worsening of the ransomware threat for corporations. A deep-dive analysis in the report explored how these attackers operate and how they "double" extort their victims as a new tactic.
Correlating both ransom and targeted industry groups, Ensign believes that ransoms were aimed at capitalising on businesses supporting economic recovery post-pandemic.
Ensign said it also observed heightened awareness of potential cyberthreats across six territories last year.
"The average 'dwell time', which measures how long an attacker stays inside their victim's network before discovery, fell sharply across industries (from a maximum of 1095 days to 49 days), suggesting that defenders are improving at detecting breaches, even from stealthy cyber attackers," it said.