Malaysia Threat Report: 2024 Cybersecurity Insights


In today’s rapidly evolving digital landscape, cyber threats continue to pose significant risks to businesses of all sizes. With the increasing complexity of cyberattacks, traditional security measures are no longer sufficient. Organizations must adopt proactive threat intelligence solutions that not only detect threats but also take immediate action. Simply Data is at the forefront of cybersecurity innovation, offering an advanced Threat Intelligence – Integrated SOAR Automation Blocking solution that ensures robust protection for enterprises.

Key Insights from the 2024 Malaysia Threat Report

Our latest Malaysia Threat Report provides an in-depth analysis of cybersecurity incidents, revealing alarming trends in the cyber threat landscape. In 2024 alone, Simply Data collected and analyzed 71,830,607,531 logs, identifying key attack patterns and vulnerabilities exploited by malicious actors.

Executive Summary

The report highlights a significant rise in ransomware attacks, phishing campaigns, and targeted intrusions affecting organizations across multiple sectors. Notably, Malaysia has seen a surge in APT (Advanced Persistent Threat) groups leveraging zero-day vulnerabilities to infiltrate critical infrastructure.

The report identifies threat actors such as FLAX TYPHOON, SIDEWINDER, RIPPERSEC, GAMAREDON, HUNTERS, RANSOMHUB, RHYSIDA, and BLACKCAT, who have been actively targeting financial institutions, logistics, and education sectors in Malaysia. These groups employ sophisticated techniques like credential theft, supply chain attacks, and advanced evasion tactics. Additionally, the LockBit ransomware group has been responsible for several high-profile ransomware incidents, crippling organizations through double extortion tactics—encrypting data and threatening to release stolen information publicly.

Another critical finding is the rise in phishing-as-a-service (PhaaS) platforms, enabling cybercriminals to deploy large-scale credential-harvesting campaigns with minimal effort. The emergence of deepfake social engineering tactics further complicates security defenses, requiring businesses to enhance their detection mechanisms.

Top 5 Cybersecurity Incidents

Our research recorded a substantial rise in cybersecurity incidents across Malaysia in 2024. The report details multiple high-impact cases, including:

  1. Unauthorized Access via Brute Force Attacks – Attackers exploited weak passwords and credential stuffing techniques, leading to significant breaches.
  2. Ransomware Infections via Phishing Emails – Organizations fell victim to sophisticated phishing campaigns delivering ransomware payloads.
  3. Supply Chain Attacks – Malware was injected into widely used third-party software updates, compromising hundreds of businesses.
  4. Data Destruction & Wiper Malware Attacks – Malicious actors deployed destructive malware to erase critical business data.
  5. Cloud Infrastructure Exploitation – Attackers took advantage of misconfigured public cloud environments, leading to data leaks and account takeovers.

Top 3 MITRE Tactics & Techniques

The report highlights the most commonly used MITRE ATT&CK techniques observed in attacks against Malaysian businesses:

  • T1110 (Brute Force Attacks) – Cybercriminals attempted to gain access by guessing user credentials.
  • T1665 (Hide Infrastructure) – Adversaries concealed malicious command-and-control (C2) communications to avoid detection.
  • T1485 (Data Destruction) – Attackers deployed malware to delete critical data, disrupting business operations.

Threat Intelligence by Countries

The report reveals the top 5 countries from which cyberattacks targeting Malaysia originated:

  1. United States – Hosting a significant number of compromised servers used in attacks.
  2. China – Linked to state-sponsored APT activities.
  3. Great Britain – Origin of multiple cybercrime operations.
  4. South Korea – Emerging hub for cyber exploitation activities.
  5. Russia – A major source of ransomware and cyber extortion campaigns.

Key Risks Identified in 2024

The primary risks affecting organizations in Malaysia include:


Stay Ahead with Simply Data

Cyber threats are becoming more sophisticated, and organizations must be proactive in their defense strategies. With Simply Data’s Threat Intelligence – Integrated SOAR Automation Blocking, businesses can safeguard their critical assets, maintain compliance, and ensure uninterrupted operations.

Want to learn more about how Simply Data can protect your business? Contact us today to schedule a consultation or subscribe to our quarterly Cybersecurity Intelligence Newsletter for the latest threat updates.
