Ensign InfoSecurity, Asia’s largest comprehensive cybersecurity solutions provider, has released its fifth edition of the Cyber Threat Landscape Report (CTL). This year’s report highlights significant changes in the sectors most targeted by cyber threats. Manufacturing, Government, and Technology, Media, and Telecommunications (TMT) have emerged as the top three targets in 2023, marking a shift from the previous year.
In 2022, the TMT sector was the primary target, followed by Financial Services and Insurance, and Energy & Water. However, in 2023, Manufacturing took the top spot, accounting for 20.0% of all attacks. The Government sector followed at 18.2%, with TMT coming in third at 14.5%. Professional Services and Retail, which were not in the top three in 2022, ranked fourth and fifth in 2023 with 9.1% and 7.4% of attacks, respectively.
Malaysia has become a hotspot for multinational companies relocating high-tech manufacturing operations. This growth, however, comes with increased cyber risks. Ensign attributes the sector’s vulnerability to three main factors: the possession of valuable data ranging from contracts, supplier details, trade secrets, industrial designs, and personal information; the operation of continuously running machinery where disruptions could impact safety or business operations; and generally lower cyber hygiene compared to other more tightly regulated industries.
The Government sector, rich with data on national security, citizens, and public services, remains a prime target for cyber threats. The report highlights that geopolitical interests and fragmentation continue to drive cyberattacks aimed at gaining political leverage.
Ransomware remains a critical threat, accounting for 58.2% of all cyberattacks in Malaysia. Attackers increasingly employ “double extortion” tactics, where they first steal data before encrypting it, thus pressuring victims to pay ransoms not only to recover their data but also to prevent its public release. Ensign notes that these attacks target businesses crucial to post-pandemic economic recovery.
Despite the rise in attacks, there is a silver lining. Ensign observed a significant reduction in the average “dwell time” – the period attackers remain undetected in a network. This figure plummeted from 1095 days to just 49 days, indicating improved detection and response capabilities across industries.
The report also sheds light on several emerging threats: cyberattacks motivated by ideological causes are becoming increasingly problematic; supply chain attacks are escalating, particularly those targeting network devices; and AI poses new risks in the cyber and information domains.
Ensign’s report concludes with strategic recommendations for organizations to bolster their defenses against these evolving threats. By understanding the changing threat landscape, businesses and government agencies can better prepare and protect their critical assets.
For more information, visit Ensign InfoSecurity’s website to download the full Cyber Threat Landscape Report.