Malaysia's Cyber Threat Landscape Faces Significant Transformation Amid Digital Expansion

Severity: High (Score: 75.5)

Sources: Scworld, Industrialcyber.Co

Summary

Malaysia's cyber threat landscape is experiencing a structural shift due to rapid digital growth and geopolitical factors, making it a prime target for cyber attacks. A report from Cyfirma indicates that state-backed actors, particularly from China, are focusing on espionage within the semiconductor supply chain and government networks. Concurrently, financially motivated groups like Lazarus and FIN7 are posing threats to banking and digital assets. The report highlights that phishing attacks have surged, accounting for 75% of incidents, with losses exceeding one billion ringgit in early 2025. The attack surface has widened significantly due to Malaysia's strategic location near the Strait of Malacca and its expanding electronics manufacturing sector. Ransomware activity remains steady, driven by a few active groups, with professional services and finance being the most affected sectors. The report notes that Russian-aligned actors are opportunistic, relying on credential harvesting rather than targeted campaigns. Overall, defenders face a dual-threat environment combining sophisticated social engineering and high-volume DDoS attacks.

Key Points:

  • Malaysia's cyber threat landscape is evolving due to rapid digitalization and geopolitical significance.
  • State-backed actors from China are targeting semiconductor supply chains and government networks.
  • Phishing attacks account for 75% of incidents, with financial losses exceeding one billion ringgit.

Key Entities

  • APT41 (apt_group)
  • Fancy Bear (apt_group)
  • FIN7 (apt_group)
  • Gamaredon (apt_group)
  • Lazarus Group (apt_group)
  • Data Breach (attack_type)
  • DDoS (attack_type)
  • Phishing (attack_type)
  • Ransomware (attack_type)
  • Supply Chain Attack (attack_type)
  • R00tK1T ISC Campaign (campaign)
  • Malaysia (country)
  • Energy (industry)
  • Financial (industry)
  • Government (industry)
  • Manufacturing (industry)
  • Technology (industry)
  • CoolClient (malware)
  • T1003 - OS Credential Dumping (mitre_attack)
  • T1566 - Phishing (mitre_attack)
  • T1574 - Hijack Execution Flow (mitre_attack)