Ensign Warns: Indirect Attacks Just as Worrisome as Sophisticated, AI-Assisted Threats Emerging Fast
Because Organisations Can No Longer Rely Solely on Perimeter Defences or Traditional Assumptions About Attackers

There is a trade-off to a rapidly booming digital economy: the threat of a cyberattack grows exponentially. Worse, according to Ensign InfoSecurity Malaysia Senior Director Jeremy Moke, attacks are becoming increasingly discreet, to the point that organisations are sometimes lulled into a false sense of security.
“Large organisations may feel secure against traditional categories of ‘state actors’ or ‘cybercrime’, yet are blindsided by persistent, indirect attacks that occur within the cyber supply chain,” said Moke, who also warned of attacks that expose sensitive data without triggering alarms.
That is because threat actors are taking their time, moving slowly but deliberately to avoid detection and remain within systems for as long as possible to ensure long-term access and successful data exfiltration.
Ensign Finds Alarming Trend Across Asia Pacific
Alarmingly, this is exactly what is happening across Asia Pacific. According to Ensign’s latest Cyber Threat Landscape Report, maximum dwell time has increased from 49 days to more than 200 days year-on-year. That prolonged period allows attackers to go undetected while quietly setting up access and extracting data.
“These timeframes give threat actors enough room to steal data, move laterally, and entrench themselves before containment even begins,” Moke explained.
Complicating matters further is third-party access, which Moke described as a major weak point. What happens, according to Moke, is that cyber adversaries no longer need to attack organisations directly. Instead, they look for the least protected vector and pounce on that weakness—quietly and one step at a time. By the time the targeted organisation can take steps towards containment, the damage has already been done.
“In highly interconnected markets like Malaysia, attackers increasingly exploit the weakest link rather than the primary target itself,” Moke pointed out. “A compromise at a law firm, consultancy, software provider, or even an IoT or OT hardware vendor can ripple through corporate networks…”
Artificial Intelligence Changes Cybersecurity Calculus, Says Ensign
Then there is Artificial Intelligence (AI). Moke expects AI-powered threats to increase overall attack volume in Southeast Asia, as it lowers the barrier to entry for threat actors. Moreover, AI “enables threat actors to expand their operations by making advanced techniques easier to use and repeat,” according to Moke, making an already dangerous cybersecurity landscape even more perilous.
A natural response would be to deploy AI-enabled security tools. However, this is not a silver bullet in today’s threat-infested environment, Moke cautioned, warning that the use of AI for defence can introduce new issues and even unnecessarily expand the attack surface.
“Poorly governed or superficially integrated AI can automate bad decisions and introduce new attack surfaces,” Moke said.
As cyber threats grow more subtle, persistent, and interconnected, organisations can no longer rely solely on perimeter defences or traditional assumptions about attackers. Moke’s warning underscores the need for stronger governance, deeper visibility across supply chains, and a more measured approach to adopting emerging technologies such as AI.
And in an environment where attackers are patient and increasingly indirect, resilience will depend not just on advanced tools, but on disciplined strategy, vigilance, and informed risk management.



