Latest news with #MalaysiaComputerEmergencyResponseTeam
The Star
11-06-2025
- Business
- The Star
MyCert: Malaysia data breaches up 29% in Q1 2025
MyCert said reports on ransomware incidents have decreased to 25% in Q1 2025, with 12 incidents compared to 16 in the last quarter. — Pixabay PETALING JAYA: The Malaysia Computer Emergency Response Team (MyCert) reported an increase in data breach incidents in Malaysia in the first quarter of the year. "Data breach incidents are growing in Malaysia with a nearly 29% increase this quarter, underscoring the need for better security measures to ensure national security and public trust," said MyCert. According to its latest Cyber Incident Quarterly Summary report released on June 10, MyCert received 195 incidents reports on data breach incidents in Q1 2025, compared to 151 in Q4 2024. No specific details were provided. It shared that "high-profile breaches" often involve massive datasets with personal identifier information (PII) such as full name, IC number, financial details and addresses being compromised. MyCert, which operates under Cybersecurity Malaysia, said it is also observing a trend of perpetrators stealing and holding sensitive data hostage until the affected organisation pays a ransom. However, it said reports on ransomware incidents have decreased to 25% in Q1 2025, with 12 incidents compared to 16 in the last quarter. It also shared that businesses are the "most impacted by ransomware incidents" in Malaysia with Active Directory servers being primary targets. Fraud incidents continue to target both end users and organisations. MyCert said it has become the preferred method of criminals due to lack of awareness among the public. It reported handling a total of 1,126 fraud cases this quarter, a 2% increase from last quarter. The top fraud incident is phishing with 719 cases, representing 68% of all cases. Overall, MyCert recorded 1,657 incidents in Q1 2025 in a number of categories including denial of service, malicious code and intrusion attempts; marking a 7% increase from 1,550 cases in the previous quarter.
The Sun
20-05-2025
- The Sun
Cyberstalking new challenge in battle against digital crime
PETALING JAYA: Never mind scam calls, stalking by cyber creeps is the new horror experience. Experts say cyberstalking has become the new focus in Malaysia's fight against cybercrime, with spyware-laden apps, stolen personal data and insider leaks providing stalkers the means to invade lives undetected. Cybersecurity Malaysia CEO Datuk Dr Amirudin Abdul Wahab said despite updates in 2023, existing laws remain inadequate to deal with cybercrimes. 'Malaysia amended the Penal Code in 2023 to criminalise stalking, including cyberstalking, under Section 507A. However, enforcement challenges remain due to anonymous online behaviour, outdated legal tools and limited victim support mechanisms,' Amirudin said in an emailed response to theSun. He also said these cases also remain underreported due to stigma, fear and lack of awareness. Amirudin said the personal data used in such incidents is often obtained through data breaches, public social media accounts, malicious mobile apps or leaks from third parties, such as insiders from call centres who sell personal contact information to scam syndicates. 'Scammers use this information to make unsolicited calls, send messages or add individuals to scam groups on platforms like Telegram or WhatsApp. While GPS tracking and spyware are less common, they are used in more targeted cases,' he said. Amirudin also advised victims of cyberstalking to systematically gather and preserve digital evidence to support investigations. 'Victims should take clear screenshots of messages, call logs, profiles and any suspicious content, ensuring that dates and times are clearly visible. Chat logs, emails and media files must be saved in their original, unaltered format.' 'Where possible, back up all evidence to a secure cloud service or external storage device. Once collected, this evidence should be reported promptly to relevant authorities for appropriate action.' According to Malaysia Computer Emergency Response Team data, Malaysia logged 4,219 online fraud cases in 2024, making it the top cybercrime in the country. This was followed by digital intrusions, with 755 cases. Commenting on the technical landscape, Taylor's University professor and Global Alliance for Cyber Safety director Datuk Husin Jazri said stalkerware and obfuscated malware are increasingly being used in cases of intimate partner violence and gender-based threats in Malaysia. 'These tools allow perpetrators to monitor, record and control victims remotely. They are difficult to detect,' he said. Husin cited several examples of such malicious apps, which are often disguised as phone RAM boosters, battery optimisers, child monitoring tools or even free keyboard apps. These apps commonly request high-level permissions or exploit Android's Accessibility Services to intercept data and log user activity. Husin also warned that fake system apps are being used to steal sensitive information. 'These apps disguise themselves as firmware updates but are actually sideloaded apps or phishing tools. 'They operate silently in the background without any visible icon, capable of recording microphone audio, capturing periodic screenshots and even harvesting messaging data from apps such as WhatsApp and Telegram,' he added. He also said Malaysia has limited technical capacity to trace and effectively respond to cyberstalking cases. 'We need a dedicated agency to ensure our digital citizens are safe and aware of the surrounding threats that are targeted at a random pace,' he said. He also urged immediate action, including the introduction of a Cyber Safety Act, revamping outdated laws like the Computer Crimes Act 1997, and rolling out cyber education in schools. 'Companies should be mandated to provide regular training for employees on data protection and online safety, as cyber threats are constantly evolving, particularly with the rise of AI (artificial intelligence),' he added.
