Cyberattacks in Hong Kong are expected to rise, according to security
experts who have identified at least seven state-linked hacker groups
in mainland China that have been targeting organisations in the city
since 2014.
Bryce Boland, the chief technology officer for Asia-Pacific at
cybersecurity company FireEye, said on Thursday that cyberattacks by the
hacker groups were likely to increase as political strife in Hong Kong
continued.
“Political unrest in Hong Kong doesn’t sit well with the [Chinese Communist] party,” Boland said.
“Hong Kong is a perfect target for advanced attackers. It’s a global
business hub with simmering political tensions. It’s also in close
proximity with ... actors with an interest in Hong Kong’s political and
economic development,” he added.
FireEye’s intelligence assessment found the seven Chinese hacker
groups to be state-linked based on a range of factors, including the
targeted victims, information sourced, resources used and forensic
evidence from cyberattacks.
“During Occupy Central, we saw a big uptick in hacking incidents,”
Boland said. “We see a consistent level of attacks against [some Hong
Kong organisations] coming from [mainland] China, and we expect that
this will continue.”
About 43 per cent of FireEye’s Hong Kong clients were subject to an
advanced attack by hacker groups in the second half of last year,
compared to the 15 per cent global average, according to the company’s
global survey of more than 4,000 clients.
It described Chinese hacker groups as a “prolific threat” that tend
to focus on diplomatic, military and economic intelligence from
governments and private-sector firms. Specific companies targeted are in
finance, logistics, media and law.
Boland said several Hong Kong government organisations had also been
the target of cyberattacks, but he declined to say whether those
incidents involved the mainland hacker groups.
Michael Chue, FireEye’s general manager for Greater China, said Hong
Kong lagged behind Singapore, Japan and South Korea in improving
cybersecurity.
“A majority of Hong Kong organisations use signature-based technology
to protect themselves, but that is not good enough against advanced
attackers,” Chue said. Signature-based technology is a form of malware
detection commonly found in anti-virus software.
Michael Gazeley, the managing director at network security firm
Network Box, blamed the Hong Kong government for the city’s lack of
cybersecurity awareness.
“The government’s current approach is wrong because we need
technology to protect Hong Kong, instead of setting up more think tanks,
discussions or taxpayer-funded organisations,” Gazeley said. He
suggested that the government work closely with established
cybersecurity firms to tackle this problem.
“We’ve reached a point where cybersecurity is so important that we
actually need to get down to doing something about it instead of just
talking about the issue,” he said.
Reports of hacking rose 43 per cent last year compared with 2014,
according to data released in January by the Hong Kong Computer
Emergency Response Team Coordination Centre. Almost 5,000 hacking
incidents were reported, with a four-fold increase in website attacks.
SCMP