KUALA LUMPUR: Ransomware continues its surge to become the number one threat type globally including Malaysia among other cyber threats looming within today's digital economy.
IBM Malaysia managing director Catherine Lian cyber criminals, some of them just as innovative as breakthrough startups, have also adopted best practices from legitimate businesses like artificial intelligence and machine learning to increase their success rate.
She said the IBM X-Force Threat Intelligent Index 2021 identified a 40 per cent rise in open source malware, leaving many organisations as prime targets due to the rush to 'cloudify' everything.
She described this form of cyber aggression as one of the most prolific criminal business models in existence today.
IBM X-Force is a global renowned threat intelligence sharing platform enabling research on security threats, aggregation of intelligence, and collaboration with peers.
According to the report, an annual check-in on the threat landscape, ransomware represented 23 per cent of security events the IBM X-Force team had responded to in 2020.
"Ransomware is essentially malicious software or malware which has morph into an underground industry well on its way towards becoming a global billion-dollar enterprise – one that victims are inadvertently funding.
"Attackers are operating like a well-oiled business industry, yielding high profits in a year that most businesses struggled. Why? The new ransomware business model is relentless, extortive and paying off," said Catherine in a statement today.
Typically, an organisation's system becomes compromised after an attack when the malware takes control of an organisation's system by encrypting data with the ransomware.
Afterwards, the compromised machine displays a message with the 'ransom note', with the attacker's demands, telling the victim that their encrypted files will not be accessible until the ransom is paid.
The report highlighted that manufacturing organisations weathered an onslaught of ransomware and other attacks in 2020.
After finance and insurance, the manufacturing industry was the second-most targeted industry, having been the eighth-most targeted industry in 2019.
"X-Force discovered sophisticated attackers using targeted spear-phishing campaigns in attacks against manufacturing businesses and non-government organisations (NGO) involved in the Covid-19 vaccine supply chain," said Catherine.
Ransomware attackers increased the pressure to extort payment by combining data encryption with threats to leak the data on public sites.
The success of these schemes helped just one ransomware group reap profits of over US$123 million (RM497 million) in 2021, according to IBM X-Force estimates.
In Malaysia, the government has allocated RM27 million in Budget 2021 to strengthen the country's cybersecurity resilience.
"This allocation shows Malaysia's commitment to combat cybercrime," said Catherine, a stance concurred by one of Malaysia's cybersecurity expert Fong Choong-Fook, who is the managing director of LE Global Services Sdn Bhd.
Catherine foresees that ransomware would continue to grow with thousands of new vulnerabilities as businesses raced to transition to cloud environments to 'keep their businesses' lights on' during the pandemic.
"Double extortion for ransomware will likely persist through 2021. Attackers publicly leaking data on name and shame sites increases threat actors' leverage to command high prices for ransomware infections," she said.
Meanwhile, Fong said the progressive growth of Malaysia's digital economy is a double-edged sword, as more online platforms means more avenues of attack for criminals.
"As organisations strive to become more technologically mature, cyber risks and data security risks are paradoxically often under-addressed," he said.
The recent IBM 2021 CEO Study revealed that only 23 per cent of Malaysian chiefe executive officers (CEO) are citing cyber threats as strategically crucial over the past 12 months, showing less inclination to put higher strategic importance on protecting against cyber risks and data exposures.
The findings have prompted concerns for Malaysia's ongoing cyber resiliency, said Catherine.
"There is 'no silver bullet' to address ransomware. cybersecurity teams need to be extremely alert at all times, and with strong diligence needed.
"Education is extremely critical to counter cyber threats and everyone within an organisation should appreciate the four key areas of predict, prevent, detect and respond," said Fong.
As data analytics becomes the foundation of all strategy decisions, establishing a data platform on a secured hybrid cloud platform is fast becoming a critical priority on the list of an enterprise's agenda.
By bringing the open hybrid cloud into the company's strategy, business leaders would realise the security, efficiency, and faster data management capabilities.
With all those aspects, every company can enhance its business processes to thrive and increase competitiveness in the Fourth Industrial Revolution (4IR).
Fong reminded Malaysian companies to be proactive and conduct yearly penetration testing (pentest) exercises to make their technology systems more secure.
Pentest is all about testing IT infrastructure in a safe environment to identify vulnerabilities and stay ahead of malicious attackers.
"It would also require an assessment of resources and business needs to develop a fresh approach to culture and cloud security strategy," he added.
To address the constant threat of ransomware, Catherine recommended the IBM Open Hybrid Cloud platform.
"This platform provides orchestration, management and application portability between both public and private clouds to create a single, flexible, optimal cloud infrastructure for running a company's computing workloads," she said.
"Ultimately, Malaysian companies need to harden their cloud environments with a zero-trust approach to their security strategy," she further said.
"With this platform, organisations are able to leverage artificial intelligence (AI) to monitor and contextualise dynamic behaviours across hybrid cloud environments. They can also benefit from 'confidential computing' to protect their sensitive data in the cloud and safeguard against supply chain compromise," Catherine said.