Malaysia’s Threat Landscape in 2026

Malaysia has experienced a significant rise in cyber threats in recent years. From 2023 to 2025, the country recorded an increase of over 100% year-on-year (YoY) in reported cyber incidents. Among these incidents, the Education, Logistics, and Conglomerate sectors were identified as the most frequently targeted industries. This reflects a growing trend where attackers focus on sectors that manage large amounts of sensitive personal and financial data, or industries that rely heavily on operational continuity. Reports also suggest that a substantial portion of malicious activity targeting Malaysia originated from overseas infrastructure, with more than 50% of attacks traced back to systems located in the United States. This highlights the increasingly global nature of cybercrime, where threat actors can launch attacks from virtually anywhere in the world.

More recently, a 2026 report further emphasized the seriousness of the issue, stating that Malaysia now ranks 6th in Southeast Asia for cyberattacks. Alarmingly, the same report estimated that Malaysia faces an average of 152 breached accounts for every 100 individuals, indicating that many individuals may have multiple compromised accounts. This suggests not only an increase in the volume of attacks, but also an expansion in the scale and reach of cybercriminal operations, particularly those involving credential theft, phishing campaigns, and large-scale data breaches.

Businesses in Malaysia have also become prime targets. According to a report by Kaspersky, Malaysian businesses were among the most targeted entities for web-based cyberattacks. Malaysia was ranked second globally in terms of web-based threats, demonstrating how frequently organizations are exposed to malicious websites, drive-by downloads, phishing links, and browser-based exploitation attempts. These attacks often serve as entry points for more damaging intrusions, such as ransomware, credential harvesting, or the installation of spyware. Beyond the immediate disruption caused by such attacks, the financial consequences can be severe. Studies estimate that businesses in Malaysia face an average loss of RM3.2 million per breach, taking into account downtime, recovery costs, reputational damage, customer loss, and regulatory penalties. For small and medium-sized enterprises (SMEs), even a single successful breach can be enough to cause long-term financial strain or even force closure.

Malaysia has already witnessed several high-profile incidents that highlight the growing threat landscape. One of the most widely reported cases involved Malaysia Airports Holdings Berhad (MAHB), which suffered a ransomware attack around March 2025. In that incident, attackers reportedly demanded USD 10 million in exchange for a decryption key. Events like this demonstrate the increasing boldness of threat actors and the high value they place on critical infrastructure. Ransomware attacks are especially dangerous because they do not only compromise confidentiality, but can also disrupt operations by locking down key systems and preventing organizations from functioning normally. In industries such as transportation, healthcare, and logistics, such disruption can have serious ripple effects across the wider economy.

Looking ahead, the rapid advancement of artificial intelligence is expected to further intensify the cybersecurity threat environment. AI is increasingly being weaponized by cybercriminals to scale attacks and make them more effective. CrowdStrike reported an average YoY increase of 89% in AI-assisted cyberattacks, and analysts predict that this trend will continue rising in 2026 and beyond as AI tools become more accessible, more powerful, and easier to use. Attackers can now use AI to automate reconnaissance, identify vulnerabilities faster, and craft highly convincing phishing messages that mimic legitimate writing styles. AI can also enhance social engineering attacks by generating realistic fake identities, messages, and scenarios that manipulate victims into revealing sensitive information.

One of the most concerning developments is the rise of deepfake technology. Deepfakes can be used to impersonate executives, employees, or public officials through fake video and audio recordings, making fraud attempts significantly more convincing. Malaysia’s National Cyber Security Agency (NACSA) issued warnings in 2025 about the increasing accessibility of deepfake tools and their growing use by adversaries. This is particularly dangerous for organizations because it increases the risk of business email compromise (BEC), financial fraud, and identity-based attacks. For example, an attacker could use a deepfake voice call to impersonate a CEO requesting an urgent funds transfer, or to trick employees into sharing confidential internal data.

Overall, the data indicates that Malaysia’s cyber threat landscape is expanding both in frequency and sophistication. Cyberattacks are no longer limited to basic malware or isolated hacking attempts; they are now coordinated, financially motivated, and increasingly supported by advanced automation and AI-driven tools. As a result, organizations across all industries must prioritize cybersecurity as a strategic necessity rather than a technical afterthought. Stronger defenses, proactive monitoring, improved employee awareness training, and effective incident response planning will be critical in reducing cyber risk and protecting both national infrastructure and business operations in the years ahead.

References:

Business Today. (2026, April 13). Businesses in Malaysia among highest target for web-based cyber threats. https://www.businesstoday.com.my/2026/04/13/businesses-in-malaysia-among-highest-target-for-web-based-cyber-threats/

Business Today. (2026, May 9). Malaysia ranked 6th in Southeast Asia for cyberattacks. https://www.businesstoday.com.my/2026/05/09/malaysia-ranked-6th-in-southeast-asia-for-cyberattacks/

CrowdStrike. (2026). CrowdStrike 2026 global threat report. https://go.crowdstrike.com/rs/281-OBQ-266/images/CrowdStrike-2026-Global-Threat-Report.pdf

Free Malaysia Today. (2025, March 25). MAHB system hacked with US$10mil demanded, says PM. https://www.freemalaysiatoday.com/category/nation/2025/03/25/mahb-system-hacked-with-us10mil-demanded-says-pm/

Free Malaysia Today. (2025, November 28). Nacsa warns of deepfake crime wave, urges platforms to step up. https://www.freemalaysiatoday.com/category/nation/2025/11/28/nacsa-warns-of-deepfake-crime-wave-urges-platforms-to-step-up/

Free Malaysia Today. (2026, April 23). Data breaches to cost RM3.2 million in 2026, says report. https://www.freemalaysiatoday.com/category/nation/2026/04/23/data-breaches-to-cost-rm3-2mil-in-2026-says-report/

New Straits Times. (2026, February 13). Cybercrime bill to be tabled next month, online fraud losses hit RM2.9 billion. https://www.nst.com.my/news/nation/2026/02/1371060/cybercrime-bill-be-tabled-next-month-online-fraud-losses-hit-rm29b/

Simply Data. (2025). Malaysia cybersecurity threat report 2025. https://www.simplydata.com.my/malaysia-cybersecurity-threat-report-2025/#overview/