[ad_1]
Hong Kong was targeted by over 440,000 cyber threats in 2024, with over 100 system intrusion and ransomware cases, according to a cybersecurity report released Monday by the Police Force.
The report, released by the Force’s Cyber Security and Technology Crime Bureau (CSTCB) also found that about five percent of the city’s online assets which have been categorized as critical infrastructure had security loopholes or vulnerabilities.
Police processed over 25 million items of cyber threat intelligence in 2024, of which more than 440,000 targeted the city. About 65 percent of the threats were phishing attacks, which lure employees of organizations into clicking malicious links in emails to download malware or enter credentials related to enterprise systems or cloud services.
READ MORE: InvestHK checks for data leaks following ransomware attack
According to the report, the force recorded 7,680 technology crime cases in the first quarter of this year, representing a 1.1 percent increase from the same period last year, with losses amounting to about HK$1.43 billion ($182 million), an 11.7 year-on-year decrease.
Ransomware — a type of malware encrypting victims files and demanding for payment — and system intrusions were also widely used by criminals, with over 100 such case logged in the city last year, said police.
Fourteen cases involved system intrusions, up 7.7 percent from last year, with total losses reaching HK$12.5 million.
Superintendent Baron Chan Shun-ching of CSTCB revealed that the largest case in the first quarter involved a financial services company suffering losses of about HK$4.98 million after its system was breached.
Chan said that victimized organizations commonly suffered from security vulnerabilities including poor access control and configuration, outdated and unpatched systems, and a lack of threat detection mechanisms.
He attributed rising case numbers to heightened public awareness under the passage of the Protection of Critical Infrastructures (Computer Systems) Ordinance in March this year, which mandates reporting previously voluntary incidents.
READ MORE: InvestHK: No data leakage in recent ransomware attack
Senior Superintendent Carmen Leung Oi-lam of the CSTCB said that last year’s regular cybersecurity assessments on the city’s key infrastructures examined over 90,000 internet assets, with about 4,500, or five percent, found to have varying degrees of system vulnerabilities or weaknesses.
Among the security loopholes, 89 percent were of medium to low risk, such as certificate authorization issues, while the remaining 11 percent were of extremely high and high risk, involving the leakage or theft of system login credentials and the exposure of cloud storage services, police said.
The affected organizations were warned to make timely repairs, police added.
Contact the writer at stephyzhang@chinadailyhk.com
[ad_2]
Source link
