.png)
MALAYSIA is facing a dramatic escalation in cyber threats driven by artificial intelligence (AI), with more than half of organisations reporting a doubling or tripling of such attacks over the past year, according to findings from a recent regional survey commissioned by global cybersecurity firm Fortinet.
The study, conducted by the International Data Corporation (IDC) across 11 Asia-Pacific countries, revealed that 54 per cent of Malaysian organisations recorded a twofold rise in AI-enabled threats, while a further 24 per cent experienced a threefold increase.
Fortinet Malaysia Country Manager Kevin Wong said the data reflected a worrying trend in the evolution of cybercrime, with AI now enabling attackers to launch highly sophisticated, faster and more adaptive attacks than traditional, manually executed intrusions.
“To illustrate the scale, automation is driving up to 36,000 scam attempts every second, and we saw 97 billion exploitation attempts in just the first half of last year,” he said. “AI is multiplying this trend two to three times over.”
He added that, according to IDC, more than 100 billion stolen records linked to Malaysian organisations were being traded on the dark web.
“Credential theft alone has risen by over 500 per cent in the past year,” Wong noted. “Phishing attacks, now powered by AI, are becoming far more targeted and difficult to identify. Traditional cyber defence tools simply cannot keep up. This is why AI also needs to be deployed on the defensive front – to meet speed with speed.”
Wong warned that the nature of cyber risk had fundamentally changed, no longer appearing as isolated incidents but as an ongoing, evolving threat.
“Cybersecurity can no longer be reactive. With AI-driven threats, a proactive, intelligence-led approach is imperative. That is why we partnered with IDC – to gain insight into how security leaders across the region are responding, and where the most significant vulnerabilities remain.”
Despite the growing sophistication and frequency of attacks, cybersecurity investment remains low in Malaysia. Rashish Pandey, Fortinet’s Vice President of Marketing and Communications for Asia, Australia and New Zealand, highlighted that, on average, just 15 per cent of IT budgets in Malaysia are dedicated to cybersecurity, equating to just over 1 per cent of total company revenue.
“One of the core challenges is that cybersecurity is often framed in technical terms, which can be difficult for boards and senior leadership to contextualise,” Pandey said. “We are working to reframe the conversation around business impact, risk exposure, and strategic resilience.”
According to the survey, only 19 per cent of Malaysian organisations expressed high confidence in their ability to defend against AI-powered threats. A further 27 per cent acknowledged that these attacks are surpassing their detection capabilities, while 20 per cent admitted they are unable to detect them at all.
Ransomware remains the most prevalent threat, reported by 64 per cent of respondents in Malaysia. Other common risks include software supply chain breaches (54 per cent), insider threats (52 per cent), vulnerabilities in cloud infrastructure (46 per cent), and phishing (40 per cent).
The IDC survey, conducted between February and April 2025, gathered responses from 550 IT and cybersecurity leaders across the Asia-Pacific region. The report assessed the readiness of organisations to confront the rapidly evolving threat landscape shaped by the adoption and misuse of AI. - May 29, 2025
