image

Cybersecurity

Cyberattacks expected to rise as China-based state-linked hackers target Hong Kong organisations

Cybersecurity firm thinks attacks by hacker groups will increase amid political strife in the city

PUBLISHED : Thursday, 03 March, 2016, 7:07pm
UPDATED : Thursday, 03 March, 2016, 7:45pm

Cyberattacks in Hong Kong are expected to rise, according to security experts who have identified at least seven state-linked hacker groups in mainland China that have been targeting organisations in the city since 2014.

Bryce Boland, the chief technology officer for Asia-Pacific at cybersecurity company FireEye, said on Thursday that cyberattacks by the hacker groups were likely to increase as political strife in Hong Kong continued.

READ MORE: Hong Kong cyber attacks spiked during Occupy Central, academic’s study finds

“Political unrest in Hong Kong doesn’t sit well with the [Chinese Communist] party,” Boland said.

“Hong Kong is a perfect target for advanced attackers. It’s a global business hub with simmering political tensions. It’s also in close proximity with ... actors with an interest in Hong Kong’s political and economic development,” he added.

FireEye’s intelligence assessment found the seven Chinese hacker groups to be state-linked based on a range of factors, including the targeted victims, information sourced, resources used and forensic evidence from cyberattacks.

“During Occupy Central, we saw a big uptick in hacking incidents,” Boland said. “We see a consistent level of attacks against [some Hong Kong organisations] coming from [mainland] China, and we expect that this will continue.”

About 43 per cent of FireEye’s Hong Kong clients were subject to an advanced attack by hacker groups in the second half of last year, compared to the 15 per cent global average, according to the company’s global survey of more than 4,000 clients.

It described Chinese hacker groups as a “prolific threat” that tend to focus on diplomatic, military and economic intelligence from governments and private-sector firms. Specific companies targeted are in finance, logistics, media and law.

Boland said several Hong Kong government organisations had also been the target of cyberattacks, but he declined to say whether those incidents involved the mainland hacker groups.

READ MORE: Cyber attacks on Hong Kong universities increasing as state-backed hackers target city in the wake of Occupy Central

Michael Chue, FireEye’s general manager for Greater China, said Hong Kong lagged behind Singapore, Japan and South Korea in improving cybersecurity.

“A majority of Hong Kong organisations use signature-based technology to protect themselves, but that is not good enough against advanced attackers,” Chue said. Signature-based technology is a form of malware detection commonly found in anti-virus software.

Michael Gazeley, the managing director at network security firm Network Box, blamed the Hong Kong government for the city’s lack of cybersecurity awareness.

“The government’s current approach is wrong because we need technology to protect Hong Kong, instead of setting up more think tanks, discussions or taxpayer-funded organisations,” Gazeley said. He suggested that the government work closely with established cybersecurity firms to tackle this problem.

“We’ve reached a point where cybersecurity is so important that we actually need to get down to doing something about it instead of just talking about the issue,” he said.

Reports of hacking rose 43 per cent last year compared with 2014, according to data released in January by the Hong Kong Computer Emergency Response Team Coordination Centre. Almost 5,000 hacking incidents were reported, with a four-fold increase in website attacks.