HKCERT warns of Web Defacement Attacks Targeting Hong Kong

Release Date: 2 Oct 2014 2873 Views

Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT), which is operated by the Hong Kong Productivity Council warns the public to be vigilant to cyber attacks targeting their IT infrastructure.

 

Web defacement in Hong Kong is discovered. As of 7:00pm today Oct 2, 2014, there were 11 websites from various private business sectors being targeted. The attacker exploited the vulnerabilities of the web servers to inject their content without the authorization of the website owners. Six of the websites have been recovered.

 

HKCERT is working closely with the Office of Government Chief Information Officer and Hong Kong Police to tackle this threat. We are contacting the victims to provide advice on recovery and the Police is looking into the matter. HKCERT have also issued security alert to warn the public of the threat. We will continue to monitor the situation and keep the public informed. 

 

Enterprises and users can mitigate these attacks by following these steps immediately:

  • Patch the web server and web applications with the latest updates
  • Change all default application passwords
  • Use strong password or two-step verification
  • Restrict access and protect web administrator login page
  • Remove all unused modules and application extensions

 

If you have security incident report or enquiry, please contact HKCERT Hotline: +852 8105-6060 or Email [email protected]

Share with

Previous

HKCERT Annual Report 2013

3 Mar 2014 1420 Views

Next

HKCERT Urges the Public not to Participate in Cyber Attacks

6 Oct 2014 1802 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY