18 Main Board firms hit by malware infections in November

18 Main Board firms hit by malware infections in November

Another concerning statistic was that 478 listed companies suffered data leaks.

LGMS Bhd says it is worrying many listed companies had their data compromised and were unaware of it.
PETALING JAYA:
Eighteen companies listed on Bursa Malaysia’s Main Board were hit by malware infections while another 478 companies suffered data leaks in November.

These findings were in the ‘Listed Malaysian Companies Cybersecurity Ratings’ study by cybersecurity company LGMS Bhd.

Involving 783 Main Market-listed and 160 Ace Market-listed companies, the study found seven companies had their databases exposed, 37 had remote desktop protocol (RDP) exposed, and seven had their remote sync (RSYNC) service observed.

RDP is a protocol that enables users worldwide to access and control a computer, while RSYNC is a software tool to transfer files to a remote server.

In a statement today, LGMS COO and associate director Gilbert Chu said the fact main board-listed companies have had their data compromised and were probably unaware of it was concerning.

“Malware can use known software vulnerabilities to infect computers, potentially giving hackers access to the organisation’s network, with one of the worst scenarios being ransomware,” he said.

Ransomware is malicious software designed to block access to a computer system until a sum of money is paid. These attacks are increasingly becoming popular among cybercriminals as it generates substantial profits.

One of the worst incidents was in 2017 when the Wannacry ransomware crippled systems in dozens of countries worldwide, including Malaysia, compromising banks, hospitals and government agencies.

To mitigate these risks, Chu encouraged organisations to perform vulnerability assessment and penetration testing exercises.

“These exercises would help to improve the organisations’ cybersecurity resilience so that they are better safeguarded in the cyber world,” he added.

The Listed Malaysian Companies Cybersecurity Ratings study is conducted on a monthly basis, using a combination of data points collected organically or purchased from public and private sources, before applying proprietary algorithms to articulate an organisation’s security effectiveness into a quantifiable score.

The ratings are backed by evidence collected from publicly available sources only, including data sourced from the dark web, said LGMS.

It said that during the public data collection process, no vulnerability scans nor penetration testing exercises were conducted on the subjects.

LGMS was recently recognised by the Asian Oceanian Computing Industry Organisation for tech excellence in cybersecurity.

Stay current - Follow FMT on WhatsApp, Google news and Telegram

Subscribe to our newsletter and get news delivered to your mailbox.