Menu
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ...
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.
The modern cybersecurity landscape is fraught with evolving threats, posing significant risks to businesses, government entities, and individuals. Malaysia has seen a surge in cyberattacks, showing the real urgency for stronger defences and response mechanisms.
For the purpose of understanding key cybersecurity risks, here are some examples of cyberattacks:
A. Ransomware
Ransomware attacks remain one of the most pressing threats in Malaysia, encrypting critical systems or data and demanding ransom payments for their release. Phishing continues to be the primary entry point for ransomware, making Malaysia one of the most targeted countries in Southeast Asia. The rise of Ransomware-as-a-Service (RaaS) has further escalated the threat, allowing cybercriminals to purchase access to networks from Initial Access Brokers (IABs) to deploy large-scale attacks.
One of the most significant recent ransomware incidents in Malaysia involved Prasarana Malaysia Bhd, a key public transport operator. The ransomware group RansomHub reportedly compromised 316GB of data and threatened to publish the stolen information unless a ransom was paid. This incident highlights the vulnerabilities faced by critical infrastructure providers and the urgent need for enhanced cybersecurity measures.
B. Phishing
Phishing remains a prevalent attack vector, with cybercriminals using deceptive emails and messages to trick recipients into revealing sensitive information. These campaigns often serve as the initial step in broader cyberattacks, including credential theft and malware deployment.
C. Zero-Day Exploits
Zero-day exploits target previously unknown software vulnerabilities before patches can be developed. These attacks are particularly dangerous for widely used applications, as updates often take time to roll out effectively.
A critical example was the MOVEit software vulnerability exploited in 2023, affecting a major Malaysian insurance provider. The breach led to significant leaks of Personally Identifiable Information (PII) and demonstrated the necessity of timely security updates and proactive vulnerability management.
Reporting Cybersecurity Incident: Compliance with the Cyber Security Act 2024
Besides prevention, an effective post-incident response is just as crucial. As discussed in a previous article, the Cyber Security Act 2024 (“the Act”) imposes stringent obligations on entities operating within Malaysia’s National Critical Information Infrastructure (NCII). Under Sections 23 and 35 of the Act, NCII entities have a duty to report cybersecurity incidents promptly. Any act or activity carried out on or through a computer system, without lawful authority, that jeopardises or adversely affects cybersecurity falls within the Act’s definition of a “cybersecurity incident.”
NCII entities must notify authorities as soon as an incident is discovered by submitting an initial electronic notification (“First Notification”). Within six hours of this notification, they must provide further details to the National Cyber Coordination and Command Centre System (NC4S), to report the severity, impact, and method of discovery. A more comprehensive report, including affected systems and estimated damage, must be submitted within 14 days.
While these requirements specifically apply to NCII entities, non-NCII entities are also encouraged to adopt similar measures to strengthen their cybersecurity resilience. Reports can be filed via the NACSA website, with distinct procedures for NCII and non-NCII entities.
Beyond reporting, NCII entities are required to cooperate with NACSA in cyber investigations. If notified of an incident, NACSA’s Chief Executive may issue directives specifying necessary response and recovery measures. These directives not only mitigate immediate threats but also enhance cybersecurity practices to prevent future incidents. The data collected through these reports helps refine Malaysia’s cybersecurity regulatory framework, identify emerging threats, and improve compliance standards.
Is Your Company Cyber-Ready?
With the increasing sophistication of cyber threats, both prevention and rapid response are critical. As cyberattacks become more prevalent, organisations must not only strengthen their technical defences but also ensure compliance with evolving cybersecurity laws and regulations.
Given the legal and financial ramifications of cyber incidents, businesses should proactively assess their cybersecurity governance, contractual obligations, and regulatory compliance frameworks. Addressing cybersecurity risks is not just an IT issue—it is a legal and strategic imperative.
Navigating these complexities requires a robust legal strategy. From incident response planning and regulatory compliance to contractual risk mitigation and dispute resolution, legal practitioners play a vital role in helping organisations stay prepared for cybersecurity challenges. If your organisation requires guidance on cybersecurity compliance, regulatory obligations, or incident response strategies, engaging legal professionals with expertise in technology and cybersecurity law can provide the necessary support to safeguard your business.
If you have any queries, please contact Senior Associate Harvey Ng Yih Xiang (nyx@lh-ag.com), Associate Khew Gerjean (kgj@lh-ag.com), or their team Partner, G. Vijay Kumar (vkg@lh-ag.com).
Learn more about our partners who specialize in this area