Image credit: Soya Cincau
THE financial and telecommunication sectors are some of the sectors that are mostly exposed to cybercriminal activities, according to CyberSecurity Malaysia.
“Although other sectors are also basically having the same problem, but these are the two top sectors that are currently facing the threats in Malaysia,” CyberSecurity Malaysia CEO Datuk Dr Amirudin Abdul Wahab said.
“I believe with more critical sectors digitalised and transforming themselves, and enabling the digital technology which obviously will be more exposed.”
Amirudin also said that contrary to the public’s sentiment, it is not big companies and conglomerates that often become the target of cyberattacks, but small businesses are usually the easy target.
“Actually, small and medium enterprises (SMEs) are basically one of those that are targeted by these sub-criminal or sub-attackers, and this is something that needs to be understood.
“In fact, SMEs are even more vulnerable, they are even letting themselves in terms of investment and readiness, but they are also the ones that provide support to the big companies,” Amirudin said at the Kaspersky Asia-Pacific Online Policy Forum recently.
Moreover, he said that cyberattacks on small businesses could be a huge mess as it will also affect others businesses once they were exposed.
“In the context of Malaysia, we realise this is important and we work with the SMEs — we are trying to push all SMEs to adapt to the ICT as well as basic digital technologies in their business,” he said.
However, Amirudin noted that due to the limited resources, SMEs may tend to see cybersecurity as an afterthought rather than an investment that needs to be put in place in the beginning.
“We believe that when we talk about the issue of cybersecurity, we have to approach it holistically,” he stated.
Concurrently, he said that three key components need to be understood namely, the people, the process and the technology.
Notably, CyberSecurity Malaysia has introduced “SiberKASA” which aims to empower and strengthen the cyber security infrastructure in the country.
CyberSecurity Malaysia has also carried out a cyber-health checks programme for SMEs to engage and establish consumer readiness levels.
“We try to enhance them for their cybersecurity resilience towards a solid trench and also to basically help them build the competencies needed,” he added.
According to him, the programme is not only to help the ICT sector, but also other sectors that utilise digital technology as an enabler in their business.
Additionally, Kaspersky and policy experts are discussing ways to improve the ICT supply chain resilience in the Asia-Pacific region as cyberattacks rise due to the huge leap in digitalisation during the pandemic.
Kaspersky CEO Eugene Kaspersky said the last two years had seen a new wave of attacks that exploited critical vulnerabilities in the ICT supply chain.
“The world saw some high profile incidents where cybercriminals took advantage of the weaknesses of ICT vendors, and used them as attack launch pads with many targets in one fell swoop,” he said in a statement after the forum.
He expects the supply chain attacks to be “a growing trend in 2022 and beyond” as cybercriminals try to further monetise this threat. Hence, he said short and longterm strategies should be looked into by both government and private sectors.
“Short-term solution includes improving procedures and regulations on ICT supply chain infrastructure (while) the long term solution is to make systems immune.
“This means even if there is a vulnerability in an ICT supply chain component, this weakness will not impact the whole system, or ‘carry over to other components in the chain’,” he said.
Source: https://themalaysianreserve.com/2022/01/24/smes-are-more-vulnerable-to-cyberattacks/