Hong Kong organisations are easy targets for hackers, more cyberattacks expected this year, consultancy Kroll finds

Financially motivated cyberattacks are on the rise after declining following Russia’s invasion of Ukraine, cybersecurity consultancy Kroll said. Hong Kong and the rest of Asia-Pacific have historically lower cybersecurity, making local organisations prime targets. — SCMP

Hong Kong organisations could be easy targets amid an uptick in cyberattacks expected in the second half of the year, according to cybersecurity consultancy Kroll, which blamed low awareness of how to monitor for threats and the city’s outdated data protection law.

Financially motivated cyberattacks have been on the rise in recent weeks, with ransomware and email attacks being the most common types, said Paul Jackson, regional managing director for Kroll’s Cyber Risk practice in Asia-Pacific (APAC).

“Hong Kong and the rest of APAC will be targeted, because historically we’ve had a lower maturity in cybersecurity and the bad guys are always looking for easier targets,” said Jackson, a two-decade veteran of the Hong Kong Police Force who left the force in 2010.

Jackson served multiple roles with the Hong Kong police, including the Chief Inspector and Head of Computer Forensics.

The uptick in cyberattacks came after a relative lull, as attacks declined in part because of Russia’s invasion of Ukraine, according to Jackson. A significant portion of financially motivated organised cybercrime originated in the region, he said.

Kroll has also seen a return of attacks on healthcare organisations, which Jackson said had fallen during the pandemic possibly because criminals chose not to target them, as they were overloaded by the health crisis.

In the second quarter, cyberattacks on healthcare organisation increased 90% globally from the previous quarter, according to Kroll’s Threat Landscape report published last week.

The previous drop in cyberattacks should not “put a false sense of security in the minds of leaders in Asia”, Jackson said.

“Unfortunately, Hong Kong still has a very low awareness of how to effectively monitor (cyber threats), and I would say a very small percentage of companies here are doing a good job of monitoring,” he said. “And we haven’t been helped by the fact that we have outdated data protection laws.”

Hong Kong was once considered a leader in data protection, with a data law dating back to 1996. However, the Personal Data (Privacy) Ordinance has barely been updated since. With the introduction of the European Union’s General Data Protection Regulation, which took effect in 2018, and last year’s Personal Information Protection Law in mainland China, Hong Kong’s law has started to look outdated by comparison.

Hong Kong does not require user consent for the collection and processing of personal data, and there are no legal obligations for reporting data breaches. The local government proposed a new cybersecurity law in May, which is expected to improve the city’s resilience against cyberattacks.

“These are welcome changes, the enhancements to the laws,” Jackson said. “It’s been a long time since the law was changed, and it’s a good move for Hong Kong as a business centre.”

According to the latest report from the Hong Kong Computer Emergency Response Team Coordination Centre, an agency tracking cyberattacks in the city, cyberspace threat detections increased more than 20% in the first four months in 2022 from the same period last year. – South China Morning Post

Article type: free
User access status:
Subscribe now to our Premium Plan for an ad-free and unlimited reading experience!

Next In Tech News

Google contractors allege they were fired for union ties
21 more Malaysian scam victims return from Cambodia, Laos
Amazon abandons live tests of Scout home delivery robot
Does Kim Kardashian's SEC fine mark the end of the crypto-celebrity gold rush?
Toyota unit Hino considers action against executives
Explainer-How will Elon Musk pay for Twitter?
Musk says Pepsi to receive Tesla's first Semi trucks in December
Samsung's earnings slump on rapid drop-off in chip demand
In Apple's shadow, Google takes new route to face recognition on Pixel phones
Insider Q&A: Privacy advocate sees growing public alarm

Others Also Read