Malaysia’s Biggest Cyber Security Threats: How Serious Are Cyber Attacks?


Malaysia cyber attacks

Modern life is much more enjoyable as a result of a wide range of digital devices and the internet that enables them.

Every good item has a negative counterpart, and the modern digital world is no different.

Although the internet has improved our lives today, it has also presented a significant challenge to cyber security issues thereby leading to cyber attacks. 

What is a Cyber Attack?

Experts define cyber attack as an incident when a third party, also called as hacker gains unauthorized access to a system or network.

Cyber-attacks have a number of detrimental repercussions.

When a cyber attack takes place, it may result in data breaches, which can cause data loss or manipulation.

As a result, businesses suffer financial losses, a decrease in consumer trust, and reputational damage.

That’s why business must employ cybersecurity to prevent cyber attacks.

Top 15 Cyber Attacks in Malaysia

  1. Malware Attack
  2. Attack via Phishing
  3. Attack by Man-in-the-Middle
  4. Password Attack
  5. Attack via SQL Injection
  6. Denial-of-Service Attack
  7. Insider Threat
  8. Cryptojacking
  9. Zero-Day Attack
  10. Attack at the Fountain
  11. Traffic Interception
  12. DDoS
  13. Cross Site Attack
  14. Zero-Day Exploits
  15. Drive-By Attack

One cannot afford to be complacent when it comes to cyber security issues in today’s world given how dependent Malaysians are on the internet and digital technologies.

Malware Attack

malware types

One of the most common kinds of cyber-attacks are the malicious software viruses such as worms, spyware, ransomware, adware, and trojan horses are referred to as “malware.”

The trojan infection poses as trustworthy software.

A spyware is a type of cyber attack software that secretly takes all of your private information, whereas a ransomware cyber attack shuts down access to the network’s essential parts.

Attack via Phishing

One of the most prevalent and pervasive forms of cyber-attacks is phishing. It is a form of social engineering cyber security threat assault in which the perpetrator poses as a reliable contact and sends the victim phony emails.

Unaware of this cyber security threat, the victim opens the email and either opens the attachment or clicks on the malicious link. Cyber attackers are able to access private data and login passwords in this way.

A phishing assault also allows for the installation of malware.

Attack by Man-in-the-Middle

attack man in the middle

An eavesdropping cyber-attack is often referred to as a man-in-the-middle attack (MITM). In this cyber security threat, the attacker hijacks the session between a client and a host by interfering with two-party communication.

Cyber attackers steal and alter data in this manner.

Password Attack

It is a type of cyber attack where a hacker uses software and password-cracking tools like Aircrack, Cain, Abel, John the Ripper, Hashcat, etc. to decipher the password.

Password cyber security threats can take many different forms, including dictionary attacks, brute force attacks, and keylogger attacks.

Attack via SQL Injection

In this cyber security threat, a hacker modifies a typical SQL query on a database-driven website.

As a result, a SQL injection attack is launched. It spreads by inserting malicious code into a search box on a vulnerable website, forcing the server to reveal sensitive data.

Denial-of-Service Attack

A Denial-of-Service Attack poses a serious risk to businesses. In this type of cyber attack, cyber attackers target systems, servers, or networks, in this case, and bombards them with traffic to deplete their bandwidth and resources.

Insider Threat

As the name implies, an internal danger involves an insider rather than a third party.

In this case, it could be someone who works for the company and is familiar with its operations. The potential damage from these types of cyber attacks is enormous.


cryptojacking attack

Cryptojacking is a type of cyber-attack that has a lot to do with cryptocurrencies. When cyber attackers get access to other person’s computer to mine cryptocurrencies, this is known as “cryptojacking.”

Zero-Day Attack

After a network vulnerability is disclosed, a Zero-Day cyber attack occurs; in most circumstances, there is no fix for these types of cyber-attacks.

As a result, the vendor alerts consumers to the vulnerability; nevertheless, the information also reaches the cyber attackers.

Attack at the Fountain

Here, a certain group inside an organization, locale, etc., is the victim. In such a cyber security threat, the cyber-attack picks websites that the targeted group frequents regularly.

Websites are found either by attentively observing the group or by making an educated assumption.

Traffic Interception

Traffic interception cyber attacks, sometimes referred to as “eavesdropping,” happen when a third party “listens” to data exchanged between a user and a host.

Depending on the volume of traffic, different types of information are stolen, but important data or log-ins are frequently obtained by these cyber security threats.


DDoS attack
Source from:

Cyber attackers use the Distributed Denial of Service (DDoS) type of cyber attack technique to target servers and saturate them with user traffic.

The website that a server hosts goes down or performs so slowly that it becomes useless when it cannot handle incoming requests.

Cross Site Attack

Also knows as an XSS cyber attack, it is a situation where a third party aims to exploit a weak website with cyber security issues, usually one without encryption. Once a site has been targeted, harmful code is loaded.

This payload is sent to a user’s system or browser when they view the aforementioned website, resulting in undesirable behavior.

Either normal services are interfered with or user data is stolen by these types of cyber attacks.

Zero-Day Exploits

An exploit is a focused cyber-attack on a system, network, or piece of software that takes place following the identification of a “zero-day vulnerability.”

This cyber attack seeks to induce anomalous behavior, corrupt data, and steal information by taking advantage of a cyber security issues that has gone unnoticed.

Drive-By Attack

In these types of cyber attacks, a system or device gets infected with malicious malware through a drive-by attack.

The difference, though, is that in these types of cyber attacks, no user action is required; generally, users must click a link or download an application.

To prevent these cyber security threats, employees in Malaysia are suggested to not visit any non-work related website, but still, cyber attacks take place each day in Malaysia.

Businesses in Malaysia must consider getting security solutions such as Acronis Cyber Protect from security service providers like Exabytes Malaysia in order to prevent these cyber-attacks.

Exabytes Malaysia provides Acronis Cyber Protect plans from as low as RM 15.99 / month / license.

Contact an Exabytes professional today on WhatsApp or Email for more details!

Cyber Security Solution

Related articles:

How to Against Common Cyber Attacks in 2022

Malaysia Government Agencies That Are Deal With Cyber Security

Notify of
Inline Feedbacks
View all comments