Cybersecurity

Nacsa investigating alleged cyber-espionage targeting multiple government bodies

By Christopher Fam
The Nacsa spokesperson said the agency received the relevant intelligence related to the alleged activity from Palo Alto Networks' Unit 42 and moved to address the alleged attacks in accordance with its established national cybersecurity incident handling process. — Photo by Bernd Dittrich on Unsplash

PETALING JAYA: The National Cyber Security Agency (Nacsa) is currently investigating alleged incidents of cyber-espionage activity targeting various Malaysian government entities.

In a statement to StarLifestyle, a Nacsa spokesperson said the agency is aware of a report published by Unit 42, the threat research unit of US-based cybersecurity firm Palo Alto Networks.

The Nacsa spokesperson said the agency received the relevant intelligence related to the alleged activity from Palo Alto Networks' Unit 42 prior to the report's publication, and moved to address the alleged attacks in accordance with its established national cybersecurity incident handling process.

"Since September 2025, Nacsa has been monitoring the situation and has taken the necessary precautionary and investigative measures in coordination with the relevant entities.

"Ongoing assessments are being conducted using both internal intelligence and technical analysis to validate and contextualise the findings outlined in the Palo Alto Networks report.

"Nacsa remains engaged with the appropriate stakeholders to ensure that any identified risks are managed and that the affected entities' network environments continue to be safeguarded.

"Nacsa will continue to monitor the developments closely and take further action where necessary," the agency's spokesperson said, adding that while no adverse impact was found, the agency would continue investigations into the matter.

The Unit 42 report alleged that a cyber-espionage group designated as TGR-STA-1030 had compromised several government departments and ministries in an attempt to steal immigration and economic intelligence data.

It further claimed that the group also compromised "a large private financial entity in Malaysia that provides microloans in support of low-income households and small businesses".

Unit 42 said it assesses with high confidence that the TGR-STA-1030 group is state-aligned and operates out of Asia, while alleging that it conducted "active reconnaissance" against government infrastructure in 155 countries between November and December 2025.

Alongside Malaysia, the cybersecurity research group believes the activity also targeted government infrastructure in Afghanistan, Bangladesh, India, Indonesia, Japan, Mongolia, Papua New Guinea, Saudi Arabia, Sri Lanka, South Korea, Taiwan, Thailand, Uzbekistan and Vietnam.

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Next In Tech News
Why AI means animal testing is not always needed to trial new medicines
Day of reckoning arrives for social media after US court loss
Teens get probation after using AI to create fake nudes of classmates
Revolut to base 40% of its global workforce in India by 2026
Apple rolls out age checks for UK users
Munich Re: AI making cyber attacks costlier and more effective
Nanya Technology shares surge 10% after $2.5 billion fundraising
Nvidia-backed Reflection AI eyes $25 billion valuation, WSJ reports
Hundreds of teens to trial social media bans in UK pilot project
Apple plans AI reboot with Siri app, new look and ‘Ask Siri’ Button in iOS 27

Trending in Tech

Others Also Read

Load more

Copyright © 1995- Star Media Group Berhad [197101000523 (10894-D)]

Best viewed on Chrome browsers.