A strategic outlook for businesses in Malaysia

As digital transformation speeds up, the cybersecurity landscape becomes increasingly intricate. Our report, ‘Cyber Threats 2024: A Year in Retrospect,’ outlines crucial threat actors, trends and motivations from last year—compelling companies worldwide, including those in Malaysia, to stay vigilant.​

Malaysian CEOs are prioritising cyber risk over concerns like macroeconomic volatility and inflation, as the surge in ransomware and cyber activities disrupt operations. We see similar sentiments in our recent survey on Malaysian corporate directors, where cyber risk was cited as the foremost threat. ​

Cyber threat escalations and misinformation challenges in 2024​

2024 was a year of emboldened cyber threat activities in Malaysia with several high-profile incidents. It started with a prolific hacktivist threat actor—R00tK1T ISC CyberTeam (R00TK1T)—announcing its intentions to initiate a campaign specifically targeting Malaysia’s digital infrastructure on 26 January 2024. While R00TK1T halted attacks one month after their initial announcement, multiple organisations, including government agencies, national databases and private firms, had already fallen victim to their attacks. This included web defacements, unauthorised access and data breach.

Our Global Threat Intelligence reports a 29% increase in ransomware victims on leak sites compared to 2023. Beside the rather steep increase in ransomware cases, we observed a rise in the use of artificial intelligence (AI) technology in cyberattacks as well. In February 2024, a local bank narrowly avoided a deepfake scam, where AI-generated video calls mimicked an employee to authorise a fraudulent multimillion-ringgit transfer. This highlights the growing threat of AI-powered deception in the cybersecurity landscape. A similar attack happened in Hong Kong which resulted in millions in losses for the private firm involved.

Globally, in 2024, misinformation and disinformation campaigns play out across multiple platforms, from social media and instant messaging channels to more traditional platforms like mainstream media outlets and security blogs, with Malaysia also affected. In mid-2024, a dark web post claimed to have leaked customer information and login credentials from a major Malaysian bank, though the bank denied any breach. This incident highlights the rise of disinformation campaigns by cybercriminals to manipulate public perceptions. The quick removal of the post and data inconsistencies suggest that it may have been an attempt to resell old breaches as new. Such tactics, often aimed at governments, are now increasingly used against private sectors to damage reputation.​

Malaysia’s ongoing cybersecurity battle​

Going into 2025, it seems that the challenge of addressing cyber threats remains unrelenting. Malaysia has already faced a wave of cybersecurity incidents as of May 2025, including unauthorised share purchases on Bursa Malaysia due to compromised trading accounts, causing significant financial turmoil. A similar incident occurred in Japan this year, where Japanese financial accounts were compromised, resulting in nearly USD $2 billion in unauthorised trades.

The transportation sector also experienced substantial breaches, with KLIA computer systems attacked in March 2025 with a USD $10 million ransom demand. While the operations remained unaffected, it became apparent that Malaysian organisations are becoming frequent targets for cyber threat activities.

Our PwC Global Threat Intelligence data indicates that ransomware has emerged as a significant threat to Malaysian firms, with notorious operators like RansomHub, Qilin and Lynx active in the region. From January to May 2025, ransomware attacks surged, with 16 victims exposed on leak sites—almost eclipsing the total for all of 2024 (19 in total). Within these leak site postings, the civil aviation sector has been the most frequently targeted by ransomware operators.​

CyberSecurity Malaysia continues to emphasize the need for companies to enhance awareness and initiatives targeting not just external threats, but internal threats as well—advocating for a comprehensive approach to fortify an organisation's cybersecurity posture.​

The start of a long journey—building both Malaysia’s and ASEAN’s cyber fortress​

At the national level, Malaysia has made progress on the legislative front. The Cyber Security Act 2024 marks a significant step towards enhancing Malaysia's cybersecurity framework and cyber defence. It establishes clear obligations and responsibilities for  National Critical Information Infrastructure (NCII). The Act also mandates licensing for cybersecurity service providers and requires NCIIs to adhere to specific security measures, including compliance with the forthcoming Code of Practice, which will be established by each NCII sector lead. Furthermore, the National Cyber Security Agency (NACSA) has announced the drafting of a new Cybercrime Bill to replace the outdated Computer Crimes Act 1997, which is set to be tabled in Parliament in October 2025.

As the Chair of ASEAN in 2025, Malaysia leads the charge on the ASEAN Digital Economy Framework Agreement (DEFA), emphasising cybersecurity as a key pillar. With the recent launch of the Malaysia Cybersecurity Strategy (2025-2030), our nation further extends its leadership to the ASEAN Cybersecurity Collaboration Strategy 2026-2030, scheduled for completion by the end of the year.​

To ensure robust protection against cyber threats, Malaysia must align both domestic and regional cyber security efforts, fostering a cohesive approach that reinforces resilience and collaboration across all levels. Building synergy between national initiatives and ASEAN-wide strategies will be vital in establishing a secure digital landscape throughout the region.

Key takeaways for Malaysian businesses in tackling cyber threats​