Skip to main content

HKPC Urges Enterprises for Cyber Security Strategy for the New Normal and New Technologies

The Hong Kong Productivity Council (HKPC) today urged enterprises to quickly put in place cyber security strategy for the new normal and new technologies, in order to combat an anticipated surge in cyber attacks in 2021 arising from accelerated digital transformation amid the COVID-19 pandemic and the use of emerging technologies such as 5G communications, Internet of Things (IoT) and AI.

Release Date: 19 Jan 2021 7993 Views

The Hong Kong Productivity Council (HKPC) today urged enterprises to quickly put in place cyber security strategy for the new normal and new technologies, in order to combat an anticipated surge in cyber attacks in 2021 arising from accelerated digital transformation amid the COVID-19 pandemic and the use of emerging technologies such as 5G communications, Internet of Things (IoT) and AI.

 

 

HKCERT Security incident reports - Year 2020 Total 8346, Year 2019 Total 9458, Year 2018 Total 10081, Year 2017 Total 6506, Year 2016 Total 6058

 

 

The number of overall security incidents reported to the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) of HKPC recorded a drop for the second year running, falling 12% year-on-year to 8,346 in 2020. Phishing (3,483 cases or 42%) went up 35% with cyber criminals exploiting the surge of online activities due to the pandemic. On the other hand, botnets (4,154 cases or 50%), which remained the top source of reported incidents, and malware (181 cases or 2%) fell 16% and 85% respectively. The latter was owed to more malware targeting enterprises for higher return instead of individuals.

 

 

HKCERT Security Incident Reports - Botnet 50%, Phishing 42%, DDoS 1%, Defacement less than 1 %, Malware 2%, Other 5%. Compare to last year the total number of incident decreased 12%

 

 

Analysing the upcoming cyber security trend, Mr Alex Chan, General Manager, Digital Transformation of HKPC, said, “2020 has been a watershed for digital transformation. With the impact of pandemic, business and lifestyle quickly turned to contactless solutions such as remote work, distant learning, online shopping, tele-medicine, etc. Where safeguards cannot catch up with the swift online migration, higher cyber security risk is the consequence, especially for mobile financial services. Also, the application of new technologies such as 5G, IoT and AI may lead to more exposure of systems or data over untrusted network. Together with crime-as-a-service maturing, a proliferation of targeted and organised cyber attacks is anticipated for 2021.”

 

 

Security Outlook for 2021 - 1. Security Risk of the New Normal, 2. Security Risks of New Technologies, 3. Security Risks of Mobile Financial Services, 4. Proliferated Targeted and Organised Cyber Attacks, 5. Escalated Supply Chain Attacks

 

 

Furthermore, enterprises must brace for an escalation in supply chain attacks in which attackers leverage on the trust of an enterprise on its supply chain partners to bypass traditional defences and compromise a large number of computers. 

 

 

Offering advice to the community, Mr Chan said, “Enterprises have to formulate cyber security strategy for the new normal and new technologies, include third party risks in their management plan, lock down any exposure to the Internet, adopt strong authentication, and conduct cyber security health check and monitoring. They should also raise cyber security awareness of their staff to cope with the changing attacks. Enterprises can also strengthen their cyber security by referencing the specifically compiled cyber security guidelines on work from home, web meeting, remote access and enterprise VPN, etc. which can be downloaded from HKCERT website (www.hkcert.org).”

 

 

Besides providing proactive advices for the new normal, security alerts, incident response and security awareness for enterprises and Internet users, HKCERT also promote cloud security and groom the next generation cyber security talent. HKPC would also assist the industry in cyber security health scoring and monitoring, and provide a secure authentication platform to ease SMEs and startups in secure application development.

 

 

 

 

Photo Caption

Mr Alex Chan, General Manager, Digital Transformation, and Head of HKCERT, HKPC (right) and Mr Lawrence Law, Security Consultant of HKCERT of HKPC (left) urged enterprises to quickly put in place cyber security strategy for the new normal and new technologies, in order to combat an anticipated surge in cyber attacks in 2021 arising from accelerated digital transformation amid the COVID-19 pandemic and the use of emerging technologies such as 5G communications, Internet of Things (IoT) and AI.