Kaspersky Reveals Sharp Increase in Cyber Exploit Attacks Targeting Malaysia
PETALING JAYA: Cybersecurity threats in Malaysia continued to intensify in 2025 as exploit-based attacks targeting businesses and organisations rose by 40 per cent, according to the latest report released by Kaspersky.
The global cybersecurity company said exploit attacks remain one of the primary methods used by hackers to breach corporate systems by taking advantage of unpatched software vulnerabilities.
Malaysia recorded 416,962 exploit intrusion attempts last year, placing the country among the most affected markets in Southeast Asia.
The country ranked third highest in the region behind Indonesia, which recorded 932,051 incidents, and Vietnam with 587,217 cases.
According to Kaspersky, Southeast Asia as a whole recorded more than 2.3 million exploit attacks targeting hidden weaknesses within operating systems and organisational software applications.
Apart from exploit-related threats, the report also highlighted a growing number of Remote Desktop Protocol (RDP) attacks, a method commonly used by cybercriminals to remotely access targeted computers.
A total of 35.2 million RDP attack attempts were detected across Southeast Asia during the same period.
Malaysia registered 2.22 million RDP intrusion attempts, while Vietnam and Indonesia recorded more than 11 million and 10 million attempts respectively.
Kaspersky ASEAN and Developing Asia general manager Simon Tung said the increase in cyberattack activity showed that cybercriminals are becoming more aggressive and organised in identifying potential targets.
According to him, attackers often focus on organisations with weaker cybersecurity protection to make intrusions easier.
“Cyberattack patterns today are becoming increasingly complex and highly adaptive based on vulnerabilities discovered within a system.
“Organisations must strengthen digital protection using modern cybersecurity technologies and AI-powered threat intelligence systems capable of detecting risks at an early stage,” he said in a statement.
He added that outdated or unpatched systems remain one of the biggest causes of successful cyber intrusions.
As a result, organisations were advised to ensure all operating systems and software applications are updated regularly to reduce exposure to cyber threats.
Companies were also urged to limit the use of remote desktop services such as RDP and avoid exposing them to public networks unless absolutely necessary.
Kaspersky further recommended stronger password practices and consistent corporate data backups as additional safeguards against increasingly sophisticated cyber threats.
-wilayah.com.my
