Microsoft 365 Accounts for 32% of Cyber Incidents in Malaysia
Severity: Medium (Score: 51.9)
Sources: Itbrief.Asia, Securitybrief.Asia
Summary
Simply Data's Malaysia Cyber Threat Report 2025 reveals that Microsoft 365 was involved in 32% of escalated security incidents among Malaysian organizations. The report analyzed over 120.6 billion security logs, resulting in 12.4 million alerts and 3,945 confirmed incidents. Attackers exploited misconfigured conditional access policies, weak multi-factor authentication, and compromised credentials, often obtained through phishing and Dark Web activities. The education, logistics, and large conglomerate sectors were the most targeted. Additionally, 33.2 million malicious indicators of compromise linked to Malaysian entities were detected on the Dark Web, highlighting the need for external monitoring. The findings indicate that cloud office software has become a significant vulnerability for many organizations. Access to identity systems like Azure AD poses serious operational risks if credentials are compromised. The report emphasizes that organizations must actively monitor Dark Web activities to protect their assets.
Key Points
- Microsoft 365 accounted for 32% of escalated security incidents in Malaysia in 2025.
- 33.2 million malicious indicators of compromise related to Malaysian entities were found on the Dark Web.
- Education, logistics, and conglomerates were the most frequently targeted sectors.
Key Entities
- Phishing (attack_type)
- Ransomware (attack_type)
- Supply Chain Attack (attack_type)
- Malaysia (country)
- Education (company)
- Financial (industry)
- Government (industry)
- Healthcare (industry)
- Logistics (industry)
- T1566 - Phishing (mitre_attack)
- Azure AD (platform)
- Exchange Online (platform)
- Microsoft 365 (platform)
- SharePoint (platform)
- Teams (tool)