MALAYSIAN businesses are taking note of the growing threats in cyberspace.
In fact, SME (small and medium-sized enterprise) Association of Malaysia president Datuk Michael Kang says cyberattacks are becoming more common among businesses these days.
“Such cases have doubled among our members compared to five years ago.
“The association constantly receives complaints about attacks by hackers.
“Some involve companies losing data without having any backup, ” he says, adding that more needs to be done by SMEs to protect their digital systems.
One of the worst cases he knows of was when a company in the manufacturing and services sector lost all its data to cybercriminals.
In the end, the company had to rebuild its digital system from scratch.
The association has around 3,000 indirect members and 500 direct members comprising organisations and companies in Malaysia.
Malaysia has over 900,000 SMEs, which represent close to 99% of all business establishments in the country.
This is why it is such a concern that many SMEs are still not fully equipped to defend their digital systems from cybercriminals.
As Kang points out, SMEs normally have small budgets allocated to cybersecurity.
Employees also tend to lack knowledge about cyberthreats.
“Only when the systems are attacked do affected companies start looking into such issues, ” he says.
Urging businesses to look more seriously into improving their cybersecurity, Kang says companies must embrace the Fourth Industrial Revolution (IR 4.0) and accept that threats will evolve with the times alongside technological advances.
“The government should also allocate incentives to assist SMEs in protecting our systems in light of the digital era, ” he suggests.
But for now, Kang advises companies to invest in good cyberprotection and always have backup records that are updated constantly.
“Companies should also send staff for awareness programmes on cyberthreats, aside from subscribing to cybersecurity services to prevent hackers, ” he adds.Malaysian Employers Federation executive director Datuk Shamsuddin Bardan proposes that the government develop a free national system that Malaysian companies can use to protect themselves from cyberthreats like ransomware attacks.
“Malaysian employers are aware of cyberthreats. But micro employers who have, say, fewer than five employees may not have sufficient funding for cybersecurity solutions, ” he says.
He also suggests more efforts be made to educate workers about the latest types of cyberattacks.
“As more employers are depending on technology, situations – where they are subjected to cyberthreats – will also be more frequent, ” he points out.
It doesn’t help that ransomware creators are becoming more innovative by coming up with more variants of the malware, says cybersecurity specialist Vincent Ho.
While avoiding being targeted might be difficult, to at least avoid paying a ransom, companies have to ensure that they have working and reliable backups to restore data.
Once targeted, a company has to accept there will be a period of data loss between the time of the ransomware attack and data and service are restored.
Without data backups, a company might choose to pay the ransom.
However, Ho says there is no guarantee it will get back all the data that’s being held ransom.
“There’s a significant level of risk either way, ” Ho explains.
As a security professional, he advises victims against paying the ransom as it only encourages this form of attack.