HKCERT alerts of DDoS Attacks Targeting Hong Kong

Release Date: 4 Oct 2014 1633 Views

Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT), which is operated by the Hong Kong Productivity Council alerts the public to be vigilant to cyber attacks targeting their IT infrastructure.
 
Distributed denial of service (DDoS) attacks and web defacement attacks targeting organizations in Hong Kong were recorded.

As of 5:00pm today Oct 4, 2014, there were 12 websites from various private business sectors being defaced. The attackers exploited the vulnerabilities of the web servers to inject their content without the authorization of the website owners. Three of the websites have not been recovered.

Furthermore we also found 12 non-government websites affected by DDoS attacks with 4 of them inaccessible during the time of monitoring.

While HKCERT will not disclose details of the victimized websites, we are working closely with relevant parties to help resume their normal service.

HKCERT has previously issued a security alert (/my_url/en/alert/14100201) on web defacement with mitigation measures.

Here we also like to advise enterprises and users to mitigate DDoS attacks by following these steps:

  • Minimize your network exposure by filter out unnecessary network traffic at the firewall
  • Update the intrusion prevention system with attack signatures
  • Patch the web server and web applications with the latest updates
  • For small amount of incoming attacking IP addresses, you can blacklist them at the firewall or with the help of ISP
  • For website hosted on cloud or content delivery network, the distributed network can diffuse some of the attacks near the source.
  • For large amount of incoming attack traffic from large number of sources, enterprise should consider seeking assistance from anti-DDoS service providers

 

HKCERT is working closely with the Office of Government Chief Information Officer and Hong Kong Police to monitor and tackle these threats.

If you have security incident report or enquiry, please contact HKCERT Hotline: +852 8105-6060 or Email [email protected]

Share with

Previous

Favourite Security Reads of the Week (3 Oct 2014)

3 Oct 2014 1265 Views

Next

Information Security Status Report -- Attacks Targeting Hong Kong (2014-10-05)

5 Oct 2014 1109 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY