KUALA LUMPUR (July 7): While multiple authorities say there have been no trading disruptions on the Malaysian stock exchange following a wave of cyberattacks on some stock broking firms last Wednesday, sources said more attacks have occurred since.
And these attackers are threatening further assaults next week if their demands are not met, theedgemarkets.com learnt. It is understood that some of the attacks to date had affected other broking platforms using the same online trading system provider.
In a statement to theedgemarkets.com today, the Securities Commission Malaysia (SC) said it had directed Bursa Malaysia and brokers to be on high alert and to "implement necessary risk-mitigating measures" after detecting what it called anomalies in the market this week.
"To date, no significant disruption in trading has been noted and the market continues to operate in an orderly manner," an SC spokesperson said via email.
The SC added that it is working with relevant agencies, including the National Security Council and the Malaysian Communications and Multimedia Commission, to track and manage further potential threats.
"SC is engaging multiple stakeholders including the brokers, infrastructure and service providers to ensure their cyber security capabilities remain resilient," the spokesperson added.
In a separate statement to theedgemarkets.com, Bursa Malaysia Bhd said its infrastructure is protected against cyber threats. It has also put in place a comprehensive framework and controls based on various cybersecurity guidelines from various authorities, it said.
The authorities it referred to include the SC, the International Organization of Securities Commissions (IOSCO) and the Committee on Payments and Market Infrastructures (CPMI).
"As a critical national information infrastructure, Bursa Malaysia participates in the national cyber crisis and emergency readiness exercises coordinated by National Security Council and Cyber Security Malaysia," the regulator said via email in response to theedgemarkets.com's queries.
Early on Wednesday morning, a distributed denial-of-service (DDoS) attack hit a number of Malaysian stock broking firms. A DDoS attack occurs when the bandwidth of a targeted system is flooded with traffic, typically from hijacked or infected machines, to overwhelm the system's capacity and render its services inaccessible.
It is learnt that the attack was targeted at the brokers' online trading platform to deny user access and did not affect trading access via broker premises. A fund manager said the impact was mostly on retail trading.
Sources said institutional traders such as the Employees Provident Fund (EPF) were not affected. theedgemarkets.com was also told that some brokering firms have now moved to block access to their trading systems from overseas IP addresses.
The Malaysian Reserve reported that the attackers had demanded ransom payments via bitcoins from the targeted firms.
Other reports said the Malaysian police, the Malaysian Communications and Multimedia Commission (MCMC) and the National Cyber Security Agency (NCSA) are investigating the attack.
When contacted, a senior official of the National Security Council referred queries to the MCMC, which in turn referred theedgemarkets.com's queries to the National Cyber Coordination and Command Centre (NC4). At the time of writing, phone calls to NC4 had not been answered.
The cyberattack on stock broking platforms is reminiscent of similar attacks on Hong Kong brokers.
Reuters reported that in a Jan 26, 2017 circular, the Hong Kong Securities and Futures Commission (SFC) warned that attacks may happen again across the securities industry and urged firms to adopt security measures.
Last April, the South China Morning Post reported, citing information from the SFC, that the 20 hacker attacks over 18 months up to April 2017 had caused investor losses of up to HK$110 million.
The latest ransom attack follows the WannaCry ransomware attacks worldwide in May, which also hit several Malaysian companies. That global attack reportedly infected hundreds of thousands of computers across more than 150 countries.
On June 27, another wave of ransomware attacks via a virus called Petya hit companies across Europe, the United States and South America, mostly affecting Russian and Ukrainian users and demanding bitcoins in exchange for restoring machine access.
The Petya virus attack forced the Ukrainian stock exchange to halt trading on June 29 as its clearing infrastructure suffered an operational failure.
However, subsequent reports said analysis of the Petya virus found it was designed to wipe computers outright, implying the attackers had sabotage in mind, with no intention to restore the machines regardless of whether the ransom was paid.
Be advised that DDoS attacks are still ongoing in the coming weeks.