Kaspersky: A slight drop in web threats in 2023, not enough reason to be complacent

Cybercriminals know no borders, and Malaysia’s vibrant digital sphere is no exception. To shed light on the evolving web threats in Malaysia, the global cybersecurity and digital privacy company, Kaspersky released data analysing the web threats detected in the country in the last two years.

Globally, Kaspersky’s detection systems discovered an average of 411,000 malicious files every day, with an increase of nearly 3% in 2023. Kaspersky’s system also detected almost 125 million malicious files in total in 2023, with Windows continued to be the primary target for cyberattacks.

In Malaysia, Kaspersky solutions blocked a total of 26,854,304 online threats which targeted Malaysian users last year. It’s a 28% drop from 2022’s number of threats detected at 37,187,104.

Web threats are spread through malicious programs, most used by cybercriminals to penetrate systems, through exploiting vulnerabilities in web browsers and plugins. These attacks could also be done through social engineering, where user participation is required, through tricking the user to download the malicious file.

Despite the slight dip in the number of web threats last year, Malaysia is on the second place in Southeast Asia when it comes to this threat, just after the Philippines.

“A slight drop in web threats detected last year does not warrant complacency. The Royal Malaysia Police detected 494 cases of impersonation scams involving losses of RM2.5 million in 2023. This proves that the aftermath of even a single successful cyberattack can have serious damages to individuals and enterprises alike,” says Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

“Cyberattacks are escalating with AI-powered scams, growing vulnerabilities, and lower entry barriers for criminals. Our experts also see that phishing, data breaches, and cyberespionage campaigns will continue to grab headlines this year. To combat these threats, consumers need a robust beyond anti-virus solution and companies require an intelligence-led enterprise security solutions and services,” he adds.

To stay protected, Kaspersky recommends users the following:

• Do not download and install applications from untrusted sources
• Do not click on any links from unknown sources or suspicious online advertisements
• Create strong and unique passwords, including a mix of lower case and upper case letters, numbers, and punctuation, as well as activating two-factor authentication
• Always install updates
• Ignore messages asking to disable security systems for office or cybersecurity solution
• Use a robust cybersecurity solution appropriate to your system type and devices

For organisations, Kaspersky recommends the following:

• Always keep software updated on all the devices to prevent attackers from infiltrating network by exploiting vulnerabilities
• Use strong passwords to access corporate services. Use multi-factor authentication for access to remote services
• Choose a proven endpoint cybersecurity solution for business that is equipped with behaviors-based detection and anomaly control capabilities for effective protection against known and unknown threats
• Use dedicated set of effective endpoint protection, threat detection and response products to timely detect and remediate even new and evasive threats
• Use the latest threat intelligence information to empower your security experts