How Malaysia is fighting organised cyber crime

By Amanda Oon

Dr Amirudin Abdul Wahab, CEO of CyberSecurity Malaysia on how cyber-crime groups are the new business giants and why international collaboration is crucial to protect critical national infrastructure.

The outdated image of a lone hoodie is long past. Cybercrime groups of today are more likely to resemble high-flying corporations than a solitary hacker and his laptop. According to research by IBM and Google, organisations in this underground ecosystem often mimic those in the parallel economy they’re targeting.

In Malaysia, where online attacks have surged by 82.5 per cent during the pandemic, smooth cyber-criminals are capitalising on the rise in new technologies and remote working platforms for profit.

Dato' Dr. Haji Amirudin Abdul Wahab, CEO of CyberSecurity Malaysia talks to GovInsider about public private partnerships, linking up with law enforcement and the facts behind the rising figures of organised cyber-crime.

The new face of faceless crime

As threats become more sophisticated, the groups that launch them have also evolved, into smooth operators with corporate structures. Amirudin believes that understanding this structure is the first step to proactive defence.

“They function just like any multinational corporation”, he describes. “They have a CEO. They have marketing. They have structure. That’s why they call it organised crime.” And like any multinational business, resources aren’t restricted to the local region. “They can get the best expertise in any country coming to work together.”

Like most ambitious organisations, these cyber-groups are driven by gross profit as much as personal gain. With the drive towards digital payments and FinTech in Malaysia, there has been a rise in money-motivated attacks on the financial services.

CyberSecurity Malaysia’s close partnership with the commercial crime department of the Royal Malaysian Police helped them to identify Fraud as a top priority for digital crime. “In just the first month of this year, they told me there were 8808 reported cases of cyber-Fraud”, Amirudin reveals. It’s a sharp increase, and one that Amuridin links directly to a rise in connected infrastructure. “In the context of a digital nation, everything goes digital, including crime”, he observes.

Advancing AI to stay ahead

If innovation has left us more open to attack, can it also help strengthen our defence? Amirudin believes that AI can be critical in helping threat intelligence efforts. “No matter what we do, cyber-attacks will happen. As such, you need to… have the capabilities to detect and predict. That’s where you can use technologies like AI”.

To help nurture a growing local cyber-solutions market, his agency has formed partnerships with select digital solutions providers to “leverage AI to understand more advanced threats” and remain active to a constantly changing threat market.

When dealing with borderless crime, cybersecurity too needs to cross borders. As Chair of the Asia Pacific Computer Emergency Response Team (APCERT), CyberSecurity Malaysia joined 18 other APAC countries and 31 international teams this April in an APCERT ambitious international cyber-attack simulation, where nations worked together to take down a fictional cybercriminal’s infrastructure.

The keyword is collaboration

When it comes to a shared approach, how much should be on the table? “There are things that you should share; there are things where you can work together; there are things you have to do on your own”, he says. Still, he insists that “laws that only focus nationally will find themselves…limited”. Bilateral and cross-regional platforms are important, but governments should also push towards a common set of goals to tackle common threats and issues.

Among the most prevalent of these issues is the cybersecurity skills shortage. CyberSecurity Malaysia is working closely with government, industry and academia to develop a series of training and certification programmes to upskill and empower the next generation of cybersecurity professionals against rapidly evolving threats.

His agency has worked with various bodies including the anti-corruption commission, the central bank and police, on both a national and international level. “The ITU (International Telecommunication Union) Global Cybersecurity Index have rated Malaysia in the top 10 in the last three years”, Amirudin says.

As cyber criminals get more organised and well-resourced, countries will have to balance national interests and international collaboration to create a trusted digital space.