Hong Kong must take the threat of cyberwarfare seriously

Edwin Seo says defence is a must with security breaches on the rise

PUBLISHED : Tuesday, 01 July, 2014, 3:15pm
UPDATED : Wednesday, 02 July, 2014, 3:48am

Cyberattacks have been in the news in Hong Kong and it looks like they're here to stay. Government departments, financial institutions and companies need to recognise the vulnerability of their networks and applications to attacks from technically savvy protesters.

While the internet has created many opportunities for companies and consumers, it has also opened doors for these "cyberwarriors" to infiltrate networks to conduct acts of terrorism.

The Occupy Central civil referendum in Hong Kong is the latest incident. Shortly after registration for online voting began, the popvote.hk website was overwhelmed by a spate of distributed denial-of-service attacks aimed at preventing citizens from voting.

The attack is considered to be the most sophisticated to have occurred in Hong Kong, given its scale and intensity.

However, it pales in comparison to the 2010 Stuxnet worm that infiltrated Iran's Natanz nuclear facility by targeting control systems; it reportedly destroyed a fifth of Iran's nuclear centrifuges by causing them to spin at higher frequencies, and disrupted the creation of uranium fuel pellets.

When it comes to the rise of sophisticated cyberattacks, Asia is just the tip of the iceberg in comparison to Europe and the US, where more than 75 per cent of security incidents are reported, according to IBM. However, these attacks are increasing in frequency in the region, particularly in Hong Kong.

Apart from the denial-of-service attacks on popvote.hk, the Apple Daily website was also targeted, possibly due to its extensive, supportive coverage of the pro-democracy Occupy Central campaign. The website endured more than 40 million requests per second at its peak, bringing the system down and blocking normal web users from accessing pages for several hours.

Cyberwarfare is becoming common, a tool not just for individuals and groups, but also state actors. It is event-driven and aims to prevent news and information from leaving or entering a particular country.

For example, in 2011, Egypt's main internet service providers banned access for several days in a bid to hamper the momentum of demonstrations against the government of Hosni Mubarak. Protesters were organising themselves through social media platforms such as Facebook and Twitter.

As the methods of technologically savvy protesters grow more sophisticated, so too does the threat of cyberwarfare. Earlier this year, the Hong Kong Productivity Council warned businesses of rising security threats, including from ransomware (malicious software that blocks access to a computer system until a sum of money is paid), botnets (a network of private computers infected with malicious software and controlled as a group without the owners' knowledge), and mobile attacks.

It said 1,593 security incidents were reported in 2013, up 52 per cent from 2012; and identified over 8,300 "invisible bot machines" in Hong Kong in the fourth quarter of last year, which will remain undetected and dormant until activated.

It seems their recommendations for implementing proper security measures were not taken seriously.

Cyberwarriors today target both the network and application layers within an organisation. If the appropriate defence mechanisms are not in place, then information - especially sensitive data - will remain vulnerable to attacks from political protesters and governments seeking power over one another.

Clearly, cyberwarfare is becoming ever more sophisticated, with both security system operators and sellers as well as governments struggling to keep up.

Edwin Seo is senior security solution architect, Asia Pacific and Japan, at F5 Networks