Ransomware continues to be a significant threat to small and medium-sized businesses (SMBs) in Southeast Asia, with Malaysia experiencing a notable rise in attacks. According to Kaspersky’s latest findings, 2.74% of Malaysian SMBs were targeted in the first quarter of 2026, compared to 2.09% during the same period last year. Across the region, 3.51% of SMBs faced ransomware attacks, up from 2.92% in Q1 2025.
The increase in ransomware incidents highlights the evolving tactics of cybercriminals who are increasingly targeting SMBs as entry points into larger supply chains. Kaspersky’s security expert, Fedor Sinitsyn, emphasised the complexity of these threats, noting that “SMB owners cannot afford to underestimate the complexity and risk of ransomware threats.”
Kaspersky’s report also identified Clop ransomware as the most prolific group, responsible for 14.42% of victims on Dedicated Leak Sites. The Gentlemen, a rapidly expanding group, has also gained notoriety for its sophisticated tactics, including collaboration with Initial Access Brokers to infiltrate organisations.
Adrian Hia, Managing Director for Asia Pacific at Kaspersky, stressed the importance of a layered cyber protection strategy for SMBs, which often lack the resources for dedicated cybersecurity teams. He noted that attackers view SMBs as gateways into broader supply chains, making robust cybersecurity measures essential.
To combat these threats, Kaspersky recommends updating software regularly, focusing on detecting lateral movements and data exfiltration, and implementing advanced threat discovery solutions. Developing an incident response plan that includes supply chain attacks is also advised.



