KUALA LUMPUR: Top executives of firms, such as CEOs, are the most likely targets for phishing emails and ransomware attacks, according to cybersecurity company Trend Micro Malaysia Sdn Bhd.
Its manager of technical sales Law Chee Wan said this was because these officers had the power to authorise wire transfers of money.
The Malaysian Reserve (TMR) quoted Law as telling a cybersecurity briefing last week that the scam was known as a business email compromise (BEC).
“A phishing email could be anything, an invitation or e-card. A keylogger will be installed on the system and hackers will try to capture a person’s credentials via the keystrokes that are made.
“The hacker will then create other applications to trick the company into paying the ransom,” he was quoted as saying.
According to the report, there are predictions that losses from BECs will hit RM34.9 billion in 2018. Law said the US Federal Bureau of Investigation had stated that BECs were expected to increase 2,370% year-on-year.
The report did not give any example of such incidences in Malaysia.
It said the European Union’s (EU) General Data Protection Regulation, to be implemented in May, would have broad implications for businesses, including Malaysians doing business with EU nations.
Under this law, any security breach must be reported within three days and must include the nature of the breach, along with the individuals impacted. Businesses face a fine worth 4% of the company’s annual revenue if they do not comply.
Trend Micro managing director Goh Chee Hoh was quoted as saying that although ransomware was spreading at record-breaking speed, some companies had a very complacent attitude towards it.
“User behaviours have changed drastically in the last 10 years, so have infrastructures. People have to be aware that one solution will not protect all. Instead, we need to take a more proactive approach,” he said in the report.