
Kaspersky warns Malaysian firms face rising cyber threats


Malaysia faces a growing cybersecurity challenge as unpatched systems continue to expose enterprises to cyberattacks, according to new data from global cybersecurity firm Kaspersky. The company’s latest findings show that Malaysian businesses increasingly risk compromise due to existing software vulnerabilities that remain unresolved.

As Malaysia progresses in its digitalisation strategy, with the digital economy projected to account for 30% of the country’s GDP by 2030, the expansion of digital infrastructure has also expanded the attack surface for cybercriminals. In the first half of 2025, Kaspersky’s enterprise solutions blocked over 190,000 exploit attempts against Malaysian businesses, averaging more than 1,050 attacks daily. This represents a 16% increase compared to the same period in 2024, signalling a continued upward trend in exploit-based attacks.

Within Southeast Asia, Malaysia ranked third in overall exploit volume behind Indonesia, which faced more than 524,000 exploit attempts, and Vietnam, with roughly 301,000. Exploits are a form of malicious code designed to take advantage of unpatched vulnerabilities in software or operating systems, enabling unauthorised access to targeted systems.

Kaspersky’s analysis of global data showed that the most common exploits in the second quarter of 2025 targeted outdated Microsoft Office products. The top vulnerabilities included CVE-2018-0802 and CVE-2017-11882—both remote code execution flaws in the Equation Editor component—and CVE-2017-0199, a weakness in Microsoft Office and WordPad that can allow attackers to seize system control. Despite being years old, these vulnerabilities continue to be exploited because many organisations fail to apply available patches.

In addition to legacy vulnerabilities, the top 10 exploited flaws also featured newly discovered zero-day vulnerabilities—security weaknesses that are unknown to vendors and for which no fixes exist. Attackers used these to gain faster and more reliable access to systems before patches could be developed.

The report also revealed that threat actors, including advanced persistent threat (APT) groups, are expanding their targets to include modern productivity and development tools such as remote access software, low-code/no-code (LCNC) platforms, and emerging frameworks for AI-powered applications. The shift suggests that cybercriminals are adapting quickly to exploit new technologies adopted by businesses for efficiency and automation. Their objective remains consistent: obtaining system access and escalating privileges for long-term control of enterprise networks.

LCNC platforms enable users to create software applications through drag-and-drop components and visual interfaces, often without extensive coding expertise. While this approach speeds up application development, it also introduces new potential vulnerabilities if misconfigured or left unprotected.

The study further revealed that in the first six months of 2025, Malaysian companies experienced 1.7 million web-based threats, ranking the country as the second most targeted in Southeast Asia. This figure surpassed Indonesia’s 1.6 million incidents but trailed behind Thailand’s 2.5 million. Web threats typically involve malware that uses internet connections at some stage to compromise devices or systems, sometimes extending beyond direct online activities.

Kaspersky recommends that organisations in Malaysia strengthen their cybersecurity posture by conducting vulnerability investigations within secure virtual environments, maintaining continuous monitoring of their IT infrastructure, and implementing a consistent patch management process to ensure timely security updates. It also advises deploying advanced detection solutions, training employees in cybersecurity, and using updated threat intelligence to understand and counter emerging attack tactics.
