HKCERT Releases Annual Information Security Outlook and Forecast
Hackers Exploit AI for Crimes Could Become a New Normal
HONG KONG SAR - Media OutReach Newswire - 1 February 2024 - The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) held a briefing today, and summarised the information security situation in Hong Kong in 2023 as well as released a security outlook for 2024.
Emerging technologies, such as artificial intelligence (AI), can bring additional benefits to businesses. However, with the development of these technologies, cyber attacks come one after another, and cyber threats become more complicated. Organisations and citizens must not underestimate them. It is important for organisations and citizens to have a better understanding of cyber security and to enhance their ability to respond to cyber security risks.
HKCERT handled a total of 7,752 security incidents in 2023. Among them, phishing accounted for nearly half of all cases (3,752 cases, 48%), showing a double-digit increase, with a 27% increase from 2022, also breaking the five-year record. The number of links related to phishing also exceeded 19,000, showing a double-digit increase as well, with a 22% annual increase. The number was also doubled in four years. Phishing attacks were concentrated in the banking, finance, and electronic payment industries, followed by e-commerce.
Mr Alex CHAN, General Manager of the Digital Transformation Division of Hong Kong Productivity Council and spokesperson for HKCERT said, "With the application of AI, hackers' actions may outpace the development of the cyber security industry. Additionally, the emergence of tools such as generative AI has significantly increased the prevalence of cyber attacks, particularly in the realm of phishing scams. The level of simulation has become increasingly sophisticated, making it nearly impossible for victims to distinguish between real and fake content. Furthermore, AI-driven threats possess adaptability, allowing them to analyse defences in real-time and readjust strategies, posing a challenge to traditional cyber security measures. Both organisations and individual users should be prepared for potential hacker attacks at any time. Furthermore, when using electronic devices with connectivity to other devices or the internet and third-party services, adequate security measures should be made, such as referencing international security standards, to reduce the risks after implementations."
The media briefing also invited Mr Frankie WONG, Vice Chairman of the Professional Information Security Association and representative of HKCERT Critical Infrastructure Cyber Security Watch Programme, to share an analysis of LockBit ransomware and the related preventive measures. He stated, "In recent years, ransomware attacks have become increasingly severe. Hacker groups actively search for vulnerabilities in organisations' networks, exploiting them to gain unauthorised access, steal data, and encrypt files. They then demand ransom payments, threatening to publicly release the compromised information. Once confidential data is stolen and exposed, the consequences can be endless. Therefore, organisations should be proactive in addressing these threats, regularly conducting comprehensive reviews of their network security vulnerabilities, and taking timely actions to prevent potential losses."
The Five Key Information Security Risks to be Aware of in 2024 are:
- "Weaponisation" of AI: Hackers use generative AI to issue instructions for generating malicious code, dominating cyber attacks. Additionally, hackers can use AI to generate disinformation that affects the output of other AI, bypassing cyber security measures. Hackers also use AI to create fake videos to deceive for personal gain.
- Next-Level Phishing Attacks: In addition to using traditional methods such as emails and text messages to conduct phishing attacks, hackers also use fake videos to impersonate someone's identity. Phishing attacks also extend to social media platforms, impersonating some brand pages. At the same time, hackers use search engine optimisation (SEO) techniques to make phishing websites appear at the top of search results, deceiving more victims.
- Trend towards Organised Cybercrime: In 2023, Hong Kong experienced several ransomware attacks targeting local organisations, resulting in large amounts of ransom being extorted and sensitive data being exposed. Citizens also faced threats from malicious apps and phishing. Globally, the number of ransomware attacks and vulnerabilities reached a new high in 2023, indicating an increasingly serious trend of organised and systematic cybercrimes.
- Attacks Arisen from Smart Devices: Electronic products nowadays are most equipped with network connectivity, allowing them to connect to other devices or the internet. These products have varying cyber security standards and are susceptible to intrusion and malicious manipulation. Some products cannot patch security vulnerabilities, making them difficult to block cyber attacks.
- Third-party Risk: Most companies use IT services provided by third-party, such as software and IT personnel, but this gives rise to IT supply chain attacks and insider threats, leading to data breaches, ransomware attacks, and other consequences. Additionally, research suggests that generative AI may produce incorrect information, such as code with security vulnerabilities or false information. If organisations adopt such information without verification, it brings risks to their operations.
In response to these five key information security risks, Mr CHAN called on all sectors of society to strengthen their awareness of information security. He added, "AI is believed to be gradually adopted across various industries. However, before implementing AI, it is crucial to understand and balance its associated cyber security risks. Additionally, we need to be vigilant about emerging forms of phishing, such as the use of AI-generated phishing content, impersonation of official pages on social media platforms, and the exploitation of search engine optimisation for phishing purposes. Furthermore, we must remain cautious about the increasingly severe activities of cybercriminals."
Facing the ever-changing network environment, HKCERT will continue to take multiple measures to enhance public awareness of cyber security and safeguard cyber security. In terms of incident response, HKCERT will provide strategies and advice to the public for handling cyber security incidents, and proactively analyse cyber security vulnerabilities to provide practical guidance. In terms of prevention, HKCERT will take proactive action and collaborate with internet service providers and computer emergency response teams from different countries to remove suspicious websites. As for public education, HKCERT and the Office of the Government Chief Information Officer will co-organise a Cyber Security Week, set up interactive booths and tram promotion campaign, and publish security publications to remind the public to pay attention to emerging cyber security risks.
Hashtag: #HongKongProductivityCouncil
The issuer is solely responsible for the content of this announcement.
About Hong Kong Computer Emergency Response Team Coordination Centre
Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) is the centre for coordination of computer security incident response for local enterprises and Internet Users. Its mission is to facilitate information disseminating, provide advice on preventive measures against security threats and to promote information security awareness.
HKCERT collaborates with local bodies to collect and disseminate information, and coordinate response actions. HKCERT is also a member of the Forum of Incident Response and Security Teams (FIRST) and the Asia Pacific Computer Emergency Response Team (APCERT). We exchange information with other CERTs and act as a point of contact on cross-border security incidents.
For more information, please visit HKCERT's website: www.hkcert.org
About Hong Kong Productivity Council
The Hong Kong Productivity Council (HKPC) is a multi-disciplinary organisation established by statute in 1967, to promote productivity excellence through relentless drive of world-class advanced technologies and innovative service offerings to support Hong Kong enterprises. Being a key enabler of Industry 4.0 and Enterprise 4.0, HKPC strives to facilitate "new industrialisation" in Hong Kong, as well as bolstering Hong Kong to be an international innovation and technology hub and a smart city.
The Council offers comprehensive innovative solutions for Hong Kong industries and enterprises, enabling them to achieve resources and productivity utilisation, effectiveness and cost reduction, and enhance competitiveness in both local and overseas marketplace. The Council partners and collaborates with local industries and enterprises and world-class R&D institutes to develop applied technology solutions for value creation. It also benefits a variety of sectors through product innovation, technology transfer, and commercialisation, bringing enormous business opportunities ahead. HKPC's world-class R&D achievements have been widely recognised over the years, winning an array of local and overseas accolades.
In addition, HKPC offers SMEs and startups immediate and timely assistance in coping with the ever-changing business environment, and strengthens talent nurturing and Hong Kong's competitiveness with FutureSkills training for enterprises and academia to enhance digital capabilities and TechEd competencies. For more information, please visit HKPC's website: www.hkpc.org/en
