Background

As a major investment holding company listed on the Main Market of Bursa Malaysia, the company operates in a highly regulated environment and must comply with various cybersecurity regulations, including the Cybersecurity Act 2024 of Malaysia (Act 854). This legislation aims to strengthen organizational cybersecurity frameworks, mandating businesses to implement comprehensive measures to safeguard digital assets and maintain investor confidence. However, in early 2024, the company suffered a ransomware attack that encrypted 90% of the data in one of its business units, resulting in severe operational disruptions and financial losses.

Incident Overview: Ransomware Attack Exposes Disaster Recovery Limitations

The ransomware attack encrypted 90% of the business unit’s data, and with a reliance on manual processes, the recovery effort was slow and inefficient, leading to significant operational downtime and significant losses. This incident underscored the limitations of the company’s existing disaster recovery (DR) tools and highlighted the urgent need for a more resilient and effective strategy.

“When our security engineer informed me that both the production storage and backup storage had been encrypted by hackers, I realized that traditional disaster recovery strategies were no longer sufficient,”

— Mr. Lim, the company’s Director of IT Infrastructure.

Challenges: Compliance and Critical Issues to Address

The Cybersecurity Act 2024 of Malaysia seeks to enhance organizational security frameworks, imposing stringent compliance measures to protect sensitive data. For a publicly listed company, adherence to this act is critical, as it directly impacts investor trust and regulatory standing. The act mandates comprehensive cybersecurity measures, including:

• Implementation of advanced cybersecurity protocols.

• Regular audits to ensure compliance and the effectiveness of security measures.

• Establishment of robust incident response plans.

Meeting compliance requirements while effectively protecting the business from ransomware attacks poses a significant challenge for the company. The recent ransomware incident revealed the following critical issues:

• Inefficient Data Recovery Tools: The existing tools were incapable of restoring critical data within a short timeframe.

• Encrypted Backup Storage: Both production and backup storage were compromised, rendering traditional disaster recovery strategies ineffective against ransomware.

Additionally, cybersecurity audits demand more resilient data protection and recovery methods, pushing the company to strengthen its DR strategy to ensure rapid recovery post-attack.

Solution: Implementing a Cross-Cloud Disaster Recovery Strategy with HyperBDR

To address these challenges, the company, with the assistance of cybersecurity and cloud infrastructure experts, leveraging HyperBDR to develop and implement a dual-layer, cross-cloud disaster recovery strategy enabled automated DR management across multi-cloud environments, maximizing business resilience and recovery speed.

Key Strategic Initiatives:

1. Migration of Production Workloads to the Cloud

The company shifted its production workloads to Huawei Cloud to reduce reliance on on-premises infrastructure while enhancing scalability and security. This move laid the foundation for subsequent cross-cloud disaster recovery efforts.

2. Automated DR in Another Availability Zone (AZ)

To increase redundancy, the company established a disaster recovery environment in a separate availability zone (AZ) within Huawei Cloud. HyperBDR’s proprietary Boot in Cloud technology automatically creates Huawei Cloud storage for data backups by invoking cloud APIs. During the recovery phase, it rapidly restores clean backup data into operational hosts on the cloud with one click.

With automated failover and recovery across different AZs, the company successfully built a highly available disaster recovery architecture, downtime was reduced to minutes, minimizing operational disruptions while ensuring business continuity.

3. Third Copy Stored on AWS

To strengthen data protection, the company adopted a dual-layer cross-cloud backup strategy using HyperBDR. This approach ensured that even if primary backup data on Huawei Cloud were compromised or lost, the system could seamlessly failover to AWS for restoration with a single click. By maintaining an additional copy on a separate cloud platform, the company protected against provider-level failures & compliance risks, enhancing business continuity, resilience, and adherence to industry best practices.

Outcomes and Benefits:

• Enhanced Business Cyber Resilience: The dual-layer cross-cloud strategy eliminated single points of failure, significantly strengthening the company’s overall security posture.

• Drastically Reduced Recovery Time: With HyperBDR’s one-click automated recovery capabilities, a process that previously took days was reduced to mere minutes.

• Regulatory Compliance Achieved: The new disaster recovery strategy fully aligns with the Cybersecurity Act 2024 of Malaysia, meeting audit requirements and boosting confidence among regulators and investors in the company’s business continuity and cybersecurity measures.

• Strengthened Investor Confidence: By prioritizing dual-layer cybersecurity and disaster recovery, the company reinforced investor trust, demonstrating a steadfast commitment to protecting stakeholder interests.

Conclusion

The ransomware attack sounded a wake-up call, revealing the shortcomings of traditional DR strategies against modern threats. Through HyperBDR’s cross-cloud DR solution, the company mitigated ransomware risks, met cybersecurity compliance, and ensured business continuity with seamless cloud recovery. As threats evolve, integrating technology with resilience is key to building intelligent security frameworks, especially for listed companies, to safeguard sustained growth and investor trust.