Cyber Security Incidents Surge 52%, HKCERT Warns of Rising Ransomware & Mobile Attacks

The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) of the Hong Kong Productivity Council (HKPC) today (21 January 2014) alerts businesses and the public of rising security threats as it recorded 1,593 security incidents in 2013, up 52% from 2012; and identified over 8,300 ‘invisible bot machines’ in Hong Kong in the fourth quarter of 2013.

Analysing the cyber security scene in Hong Kong, Mr Leung Siu-Cheong, Senior Consultant of HKCERT, said, “Cyber security activities are becoming camouflaged, if not invisible. Owners of compromised computers are unaware that their computers are being used to attack others on the Internet. To get a clearer picture of the cyber security scene in Hong Kong, HKCERT is working with global security researchers to collect data to proactively identify these ‘invisible bot machines’, or compromised computers.”

“Further analysis of the rising trend of security incidents and the uncovering of ‘invisible bot machines’ shows that ransomware, botnet, web and mobile attacks will proliferate in 2014,” he added.

This year, emerging security threats such as ransomware, hijacking of system servers to launch powerful attacks, and hacking of cloud user accounts to steal data for financial gains are expected. With the growing trends of mobile payments and ‘Bring-Your-Own-Device’ at work, mobile attacks may also become more mature and sophisticated.

“Organizations, especially SMEs, and the public should pay more efforts to protect sensitive data. On top of regularly backing up the data and keeping it at a safe offline location to minimize risks of ransomware, they should use strong encryption to protect data while transferring files through untrusted channels. The public must also implement proper security measures on their mobile devices, and use strong passwords and two-step authentication in Internet services. In addition, they should be wary of unsolicited software or hyperlinks,” Mr Leung advised.

Apart from publishing latest statistics on security incidents at regular intervals, HKCERT will also assist local Internet service providers to clean up their clients’ infected computers, enhance its coordination role in combating territory-wide attacks and strengthen communication with local critical infrastructure organizations.