Most Malaysian software supply chains hit by cyberattacks

 

A survey by BlackBerry Ltd found that over 79% of Malaysia’s software supply chains are exposed to cyberattacks, surpassing the global average of 76%. (AFP pic)

PETALING JAYA: 

A new study by BlackBerry Ltd has revealed that a majority of Malaysian IT decision-makers reported receiving notifications of an attack or vulnerability in their software supply chain within the past 12 months.

The intelligent security software provider, which surveyed 100 Malaysian companies, stated that over three-quarters (79%) of the country’s software supply chains were exposed to cyberattacks, surpassing the global average of 76%.

It said nearly a third of Malaysian respondents identified operating systems (30%) and Internet of Things (IoT)/connected components (19%) as the most at-risk, with these areas continuing to have the greatest impact on organisations.

This risk comes at a price, with financial loss (71%), reputational damage (66%) and data loss (59%) being the most significant consequences following a supply chain attack,

 the company said in a statement.

The insights from a global survey of IT decision-makers and cybersecurity leaders, conducted in April 2024 by Coleman Parkes, follow the Malaysian government’s recent gazetting of the 2024 Cyber Security Act (Act 854) on June 26 and the announcement of its National Semiconductor Strategy (NSS) in May.

The findings underline the profound need for secure-by-design software practices for IoT components and robust regulation to strengthen security and protect the IT supply chain, aligning with the NSS’s plans for investment in skills and technology.

The study confirmed that Malaysian organisations have implemented stringent security measures to prevent software supply chain attacks, including security awareness training for staff (58%), data encryption (48%), and multi-factor authentication (47%).

However, vulnerability disclosure was ranked lower (43%).

Although the Software Bill of Materials (SBOMs) was rated even lower (40%), international regulatory and compliance requirements may elevate its importance over the next 12 to 24 months, particularly for manufacturing companies designing and trading technology components with global markets,

 it said.

BlackBerry Cybersecurity’s chief information security officer, Christine Gadsby said progressive governments, like Malaysia, are increasingly implementing regulatory measures and investing in skills and technology to safeguard critical infrastructure and key industries from cyberattacks.

“In an uncertain geopolitical climate, widely distributed sectors such as semiconductor manufacturing remain lucrative targets for threat actors seeking maximum global impact.

Hence, a comprehensive approach to cybersecurity encompassing all aspects, including skilled workers, secure-by-design products, and modern AI monitoring tools will contribute to building trust in key Malaysian industries and future economic growth,

 she said. - FMT