THE need for advanced cybersecurity measures in the face of advanced attack surfaces and sophisticated cyber threats has never been more pronounced.
Kaspersky for Southeast Asia, general manager, Yeo Siang Tiong, said: "We have new mobile devices and new virtual devices, such as Internet of Things (IoT) devices.
"So the attack surface has grown a lot," he said at the Kaspersky Next launch recently.
He said this expansion has outpaced the capabilities of traditional cybersecurity tools used by researchers, vendors and enterprises.
CYBERCRIMINALS EXPLOITING VULNERABILITIES
Cybercriminals are exploiting these vulnerabilities, creating a need for innovative solutions.
Yeo said simple devices, such as thumb drives and chargers, can be carriers of malware.
"From the statistics, 411,000 new pieces of malware were detected every day in 2023."
He said 51 per cent of businesses struggle to detect and investigate advanced threats.
"These attacks, organised by crime groups and skilled hackers, are not the simple viruses or malware of the past.
"They are complex and targeted, requiring advanced detection and response.
"There were 124,000 financial phishing attacks in 2023, and that's only in Malaysia."
OTHER THREATS
Besides phishing attacks, local threats, such as remote desktop protocol and ransomware, have become the main threats against Malaysian businesses.
"A total of 8 million brute force attacks targeted businesses here in 2023.
"Besides that, 4,982 ransomware attacks against Malaysian firms were foiled by Kaspersky in 2023."
Yeo added a reasons for this challenge is the lack of cybersecurity skills to keep up with security analytics and operations.
"The volume and complexity of security alerts have increased, which cause gaps in security monitoring tools and processes."
He said the cybersecurity landscape was evolving, with 70 per cent of affected companies stating that security is tougher now than three years ago.
"The reason we see threats evolving is the many gaps. This evolution requires a shift from traditional antivirus solutions to more advanced systems."
NEW ATTACK VECTORS
Yeo also pointed out the emergence of new attack vectors, such as cloud services and mobile devices.
The concept of Bring Your Own Device (BYOD) complicates the security landscape, as employees use personal devices for work-related tasks, increasing attack surfaces.
"If you have models in organisations that implement BYOD, many of these endpoints are not properly secured because they are personal devices.
"They are assets that belong to individuals.
"And as a result, if they are not secure and there is no cyber hygiene on those endpoints, they are vulnerable and are easily targeted by cybercriminals."
Recognising the lack of manpower in the cybersecurity industry to tackle malware attacks, Kaspersky, head of system engineering for Southeast Asia, Victor Chu, stressed the role of education.
"As a global cybersecurity provider, we know the manpower challenges facing the industry.
"This issue is not confined to Malaysia but is widespread. The difficulty in finding skilled resources in the cybersecurity sector is a topic of discussion everywhere.
"By intensifying efforts through education, we can raise awareness and build skill sets in the industry and elsewhere.
"Partnerships with educational institutions can spark interest and develop talent in cybersecurity."
