In Malaysia, the growing use of generative AI tools has opened a new front: cyber attacks exploiting the popularity of ChatGPT, DeepSeek, and Claude have surged, and the blend with weak security habits is producing a spike in breaches. Kaspersky's latest report paints a stark picture: 87% of Malaysian respondents use AI services to search for information, 63% employ them for work tasks like report writing and data analysis, yet only 57% have enabled two-factor authentication. 44% still rely on easy-to-remember passwords. Hybrid work, adopted by over 70% of businesses, mixes personal and professional devices, accounts, and networks, making traditional security boundaries evaporate.
Attack figures for 2025 are a red flag: 194,692 spyware detections against Malaysian organizations (+75% year-on-year) and 212,239 backdoor attacks (+86%). Globally, between January and May 2026, Kaspersky counted over 92,000 malware attacks disguised as AI applications, with fake ChatGPT versions accounting for nearly half. SMBs suffered 33,300 global attacks in the first four months of the year, five times the same period in 2025. In Southeast Asia, attempts against small and medium businesses grew nearly sevenfold.
The perimeter that no longer exists
The dynamic is clear: employees use public AI chatbots to save time, often pasting sensitive data without oversight. They do it from home, a coworking space, or on the move, bypassing IT controls. A bogus ChatGPT client, masquerading as an update, silently installs a credential-stealing trojan. Cyber criminals don't need to breach firewalls: they exploit trust in familiar brands and weak individual habits.
The answer cannot be only educational. An architectural shift is needed. When a company adopts a self-hosted LLM, running on local hardware, it regains control over its data. A private interface, accessible via VPN or internal network, keeps every prompt and response away from third-party servers. Authentication can integrate with corporate systems (AD, SSO), and granular policies can limit which models and datasets each department can query. Of course, on-premise does not eliminate risk: insider threats and the need to patch libraries remain. But the attack surface shrinks dramatically, because the extended supply chain of cloud providers and the compulsive download of unverified "AI apps" vanish.
Real costs and digital sovereignty
The total cost of ownership (TCO) of an on-premise solution – with GPUs offering enough VRAM for quantized models, storage for fine-tuning, and MLOps skills – can seem high. Yet it must be weighed against breach losses: intellectual property theft, regulatory fines, operational downtime. In regulated sectors like finance and healthcare, air-gapped deployment is already a chosen path to maintain data sovereignty. Malaysia's experience confirms that cloud convenience does not equal security.
The wave of attacks in Asia-Pacific is not an anomaly but a structural signal. The ease with which malware masquerades as an AI service shows that brand trust cannot replace technical control. Organizations that bring inference in-house not only lock down information but also enable deep model customization on their own data, closing the productivity loop without exposing critical assets. The challenge is cultural and architectural: containerization, orchestration, dedicated teams. But it is the road to resilience that refuses to blindly trust the latest plugin.
💬 Comments (0)
🔒 Log in or register to comment on articles.
No comments yet. Be the first to comment!