Cybersecurity threats in Malaysia spiked amid remote working in 2020: Kaspersky
Published 1 March 2021
With 67 per cent of the Malaysian companies required their staff to work from home (WFH) during national lockdowns, a global threat intelligence exchange network Kaspersky reveals that it has detected a 33% rise in web threats in the country last year.
Kaspersky Security Network (KSN) is a complex distributed infrastructure that integrates cloud-based technologies into personal and corporate Kaspersky solutions, with cybersecurity-related data streams from millions of voluntary participants worldwide.
“We have seen several incidents of scams and social engineering tactics last year, which is aimed at tricking the human mind to steal money or information. Most of which used buzzwords related to COVID-19. Avoiding such requires a lot of calmness and vigilance, which is a tough one to have amidst the chaos that is the pandemic,” said Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.
Amongst the noticeable factors behind the uptrend of web threats in Southeast Asia were the web-skimmers, which is a form of internet or carding fraud where a payment page on a website is compromised has grown by about 20%. The majority of the web threats were targeted at home users in Malaysia, 17.7%, whereas business users at 7.1%.
The top five web threats in Southeast Asia in 2020 were: malware in web traffic is found during browsing scenarios – when user visits infected site or online advertisement performs unfair action; unintentional downloads of certain programs or files from the internet; downloading malicious attachments from online e-mail services; browser extensions activity; downloads of malicious components or communications performed by other malware.
For companies observing remote work, Kaspersky specialists have the following tips to help employers and businesses stay on top of any potential IT security issues and remain productive while the staff is working from home:
- Ensure your employees have all they need to securely work from home and know who to contact if they face an IT or security issue;
- Schedule basic security awareness training for your employees. This can be done online and cover essential practices, such as account and password management, email security, endpoint security, and web browsing.
- Take key data protection measures including switching on password protection, encrypting work devices, and ensuring data are backed up.
- Ensure devices, software, applications, and services are kept updated with the latest patches.
- Install proven protection software, on all endpoints, including mobile devices, and switch on firewalls.
- Ensure you have access to the latest threat intelligence to bolster your protection solution.
- Double-check the protection available on mobile devices. It should enable anti-theft capabilities such as remote device location, locking and wiping of data, screen locking, passwords, and biometric security features like Face ID or Touch ID, as well as enable application controls to ensure only approved employees use applications.
- In addition to physical endpoints, it is important to protect cloud workloads and virtual desktop infrastructure.
“It is high time for enterprises, of all shapes and sizes, to understand that online threats even against individuals should now be considered risks against companies. We need to remember, cybercriminals, never sleep. Hence our security solutions should be automated, intelligence-based, and proactive,” added Yeo.