Prepare for more cyberattacks involving extortion this year, Hong Kong information security watchdog warns

Cybersecurity complaints rose last year with a surge in malware attacks, a trend that is unlikely to abate this year

Cybersecurity

Yujing Liu

Published: 3:00pm, 18 Jan 2018

Why you can trust SCMP

Cybersecurity complaints rose to a record high last year due to a spike in malware attacks with the trend likely to continue this year, Hong Kong’s information security watchdog warned on Thursday, as it raised the possibility of more incidents involving extortion.

Last year, the Hong Kong Computer Emergency Response Team (HKCERT) received 6,506 complaints – 7 per cent more than the previous year. About one in three, or 2,041, were on malware attacks, an 80 per cent spike from the year before.

They included attacks from global ransomware WannaCry, which last May swept across 150 countries and infected more than 300,000 computers. Hong Kong was relatively unscathed, as the attack was unleashed on a Friday afternoon in Europe when most businesses in Asia had closed for the weekend.

Global ransomware attack hits third Hong Kong system

The watchdog warned extortion and fraud-related cyberattacks could rise this year, as more hackers were working on behalf of shady clients rather than launching attacks on their own.

Wilson Wong, general manager of IT at the Hong Kong Productivity Council, pointed out that while hackers in the past were motivated by the thought of becoming famous for causing pure damage, these days, they were driven by money.

Many people think smartphones are safer than computers when it comes to attacks, but that is not the case

Leung Siu-cheong, Hong Kong Computer Emergency Response Team

This “crime-as-service” model meant hackers were likely to “lock people’s computers or valuable information, and demand a ransom small enough that victims can afford,” Wong said.

In the case of WannaCry, Wong said 40 users fell for the attack. Another 1,210 computers were infected but a security expert managed to disable the worm within days.

Wong said that while no company was immune to cyberattacks, those that stored intellectual property and clients’ information were more likely to be targets.

The watchdog said it saw a growing trend of attacks occurring through mobile payment and stock trading, as such apps usually did not indicate whether transactions were happening with the protection of a real and valid encryption certificate.

Meanwhile, most computer browsers would show that transactions were secure with a padlock icon in the address field.

“Many people think smartphones are safer than computers when it comes to attacks, but that is not the case,” Leung Siu-cheong, senior consultant at the HKCERT, said.

The rise of ransomware: how data extortion became the biggest thing in cybercrime

Hackers could also attack the software suppliers of companies and install viruses through software updates, which would be hard to detect.

The watchdog advised individuals and companies to regularly back up their data, make offline copies of important information and test the safety of software updates.

Mobile devices in Hong Kong at risk of Blueborne cyberattacks

At the end of the day, companies would have to “restrict the exposure of corporate data and services to the internet and their service partners,” Wong said.

In the past few months, three travel agencies in the city reported ransomware attacks. They included WWPKG Holdings, one of the biggest travel agencies in Hong Kong, which was hacked in November, putting at risk personal data of some 200,000 customers. Big Line Holiday and Goldjoy, two smaller agencies, were hacked in the first week of January.

This article appeared in the South China Morning Post print edition as: Malware attacks in city hit record high in 2017

Post