KUALA LUMPUR: Businesses and organisations in Malaysia are among the top in South-East Asia facing web-based threats, with 19.62 million attacks in the first half of the year of 2024 (1H 2O24), according to cybersecurity company, Kaspersky.

This was followed by Indonesia with 3.2 million web-based threats, it said in a statement today.

Vietnam and Thailand are sitting lower in the regional rank, with total web attacks of 1.45 million and 1.06 million, while 846,837 threats were recorded in the Philippines and 574,292 in Singapore.

In 1H24, Kaspersky has detected and blocked over 26 million web threats from its security solutions for businesses in the region, averaging 146,944 web attacks every day.

"As businesses and governments in the region continue to embrace digitalisation to drive economic growth, their increased reliance on digital platforms broadens their attack surface.

"This leads to more opportunities for cybercriminals to exploit vulnerabilities in unprotected systems, which can cause disruptions to supply chains, financial institutions, and critical infrastructure such as healthcare and energy,” said general manager for South-East Asia, Yeo Siang Tiong.

He highlighted that such incidents can damage productivity, lead to financial losses, and erode trust in digital systems.

Therefore, he emphasised the importance for local businesses to maintain round-the-clock vigilance, prioritising and strengthening their cybersecurity posture, despite governments increasingly focusing on mandatory regulations and laws to protect data and enforce accountability for cybersecurity incidents.

Yeo said this was because cybercriminals in the region are becoming more sophisticated, utilising artificial intelligence (AI)-driven attacks and other tools and techniques.

Hence, he urged businesses to invest in robust cybersecurity tools like end-point protection, firewalls, and real-time event monitoring and management.

"Regular security assessment and audits must be conducted to identify weaknesses and address vulnerabilities,” Yeo said.

Kaspersky also recommends businesses bolster their cybersecurity protection including keeping their software updated on all devices to prevent attackers from exploiting vulnerabilities infiltrating the organisation’s network and backing up data regularly.

It also suggested they set up a security operation centre (SOC) using an SIEM (security information and event management) to defend against sophisticated cyber threats.

"If your company does not have a dedicated information technology (IT) security function, consider subscribing to managed services to instantly boost security capabilities by an order of magnitude while allowing you to focus on building in-house expertise.

"For small businesses, use solutions intended to help you manage your cybersecurity even without having an IT administrator on board,” Kaspersky emphasised. – Bernama