Hackers take aim at affluent Hong Kong
Cyber criminals and hackers drawn by Hong Kong's flourishing economy and affluent population are targeting the city, IT security professionals warn.
The severity of the problem of unwanted e-mails was highlighted in the MessageLabs Intelligence monthly report in September. Spam accounted for 92.7 per cent of e-mail traffic in Hong Kong up to August, while the global spam rate was 91.7 per cent.
Spam is only one of the internet threats. 'On average, 1,919 new websites hosting malicious content are detected worldwide daily. Compounded with the explosion of social media sites and increased use of shortened URLs, it is difficult for users to determine if a site might be malicious until it has become too late,' says Nigel Mendonca, regional director for Asia at Symantec Hosted Services (SHS), a leading provider of online messaging and Web security services.
'There were 107 billion spam e-mails sent on a daily basis worldwide in 2009. Those spam e-mails, paired with a growing number of targeted Trojans, significantly increase the risk to endpoints. It only takes one employee visiting a site hosting malicious software or malware, or opening a single infected document, to open up the entire organisation to attackers.'
A Trojan is a type of computer virus that appears to perform a desirable function for the user prior to installation, but instead allows unauthorised access to the user's computer system.
SHS provides hosted security solutions by using the power of cloud computing to secure and manage information stored on endpoints and delivered via e-mail, the Web and instant messaging, Mendonca says. Cloud computing is internet-based computing whereby shared resources, software and information are provided to computers and other devices on demand, similar to the electricity grid.
'We have built on the foundation of MessageLabs' market leading software-as-a-service (SaaS) offerings and proven Symantec technologies. SHS provides essential protection while virtually eliminating the need to manage hardware and software on site,' he says.
Symantec acquired MessageLabs in November 2008. All services by SHS are offered on a subscription model, with pricing depending on the number of users.
Although the banking and finance industry is more security-conscious than others, businesses of any size in any sector are all looking for reliable and inexpensive protection from online threats. 'Small- and medium-sized enterprises [SMEs], which represent the majority of Hong Kong firms, are especially interested in adopting hosted security solutions because they typically have fewer IT staff,' Mendonca says.
The company's comprehensive portfolio of solutions and services is driven by market needs. 'As the September MessageLabs' report points out, risky behaviour rockets when staff escape their offices. Up to a third of mobile workers indulge in potentially harmful Web browsing when they are let off the corporate leash,' he says.
Recent SHS research in Hong Kong found that 87 per cent of people surveyed perform office tasks remotely from their mobile devices using the internet. At least 60 per cent use their personal devices rather than units supplied by their organisations. Meanwhile, 81 per cent of respondents also use their devices for personal pursuits, such as checking e-mail, internet browsing or watching videos, and other online entertainment. All these activities are known threat vectors that require active protection.
'We have recently launched Symantec Hosted Endpoint Protection to help businesses in Hong Kong and around the globe cope with this threat. It is a new cloud-based offering for SMEs looking for a way to deploy comprehensive security for their computer systems without the need for additional hardware or management software,' Mendonca says. 'This system is to safeguard endpoints with a single solution managed from a Web-based console offering advanced protection from the endpoint to the gateway. It is a complementary offering to the existing SHS portfolio.'
SHS is providing an enhancement to the Spam Manager application used by its Hosted E-mail AntiSpam service.
Mendonca says: 'This enhancement will give the ability to allow users to release e-mails captured as spam directly from the summary notifications they receive. Once released, the e-mail is sent automatically to the user's inbox without requiring them to continually sign into the user interface. We find this function well received by clients because it reduces both the amount of time and steps necessary to release messages detected as spam.'
There are no legal compliance issues if companies in Hong Kong with mainland branch offices subscribe to SHS services. 'However, compliance can be an issue for overseas firms that are obliged to conform to legislation such as Sarbanes-Oxley,' he says. 'For example, some businesses are obliged to store e-mails for from five to seven years. Just storing legitimate e-mails can take up a lot of disk space.'
Mendonca says SHS can help on two fronts - filtering the spam before it ever gets to the customer's network, plus an e-mail archiving system that can store the information off-site for safety and easy retrieval.