Monday, September 26, 2016, 18:37

Hub for cyber criminals

By Honey Tsang

Despite its small size, Hong Kong ranks third in the world and first in Asia as a target for cybercrime. Honey Tsang reports.

The grim picture became clear in the conference room at the Hong Kong Computer Emergency Response Team Coordination Center (HKCERT). Since last year, cases of extortion using sophisticated “ransomware” to hijack corporate computer data have jumped more than a thousand percent. Throughout 2015, the center recorded a scant 18 cases. In the first seven months of this year, 211 reported ransomware cases were investigated, an increase of roughly 1,072 percent year on year.

The causes for unease grew when the next graphic appeared, revealing a pattern of consistent surges in the valuation of bitcoin — the barely traceable digital currency which often figures in the ransom demands of cyber criminals.

Leung Siu-cheong, senior consultant to HKCERT, noted the correlation between jumps in bitcoin valuation and a spate of attacks involving Locky, a strain of ransomware that renames files and then scrambles computer data. Victims are forced to pay a price for a key to decrypt and restore their data. Leung’s role is to observe the cyber attack terrain in Hong Kong in search of solutions.

“The cases reported to us represent a small part of the cyber threat. There’re substantial unreported cases in town, still hanging,” Leung told China Daily.

“We have reliable sources in local schools, telling us that many academies have fallen prey to ransomware, without ever reporting breaches to us,” Leung said.

His colleague Wally Wong, security analyst at HKCERT, said at a seminar themed “Web Security Starts from Health Check” earlier in August that many computer systems in schools were infected when someone clicked a malicious URL (web address), often embedded in ROM discs used as teaching resources.

When valuable files are locked with indestructible encryption, Leung said, most victims have no option but to pay a ransom in bitcoin, so they can be directed to the decryption key that will restore their data.

This year, things are getting more complicated. Along with ransomware attacks, Hong Kong is on the frontlines of another form of cyber-attack, the Business Email Compromise (BEC) scheme, also known to city police as the CEO email scam. Like most scams, BEC relies on an internet ruse to heist a tidy sum and ultimately to cripple a large organization.

At the end of August, data security experts from around the world converged at CLOUDSEC, the annual internet security conference held in Hong Kong. The expert consensus was that ransomware and BEC proved the two most menacing cyber threats during the first half of 2016.

“It seems that in Hong Kong, despite its size, they (ransomware and BEC) are emerging as major concerns right now,” Myla Pilao, marketing director of TrendLabs at Trend Micro, a global internet content security provider, told China Daily.

True enough, Hong Kong has been the third most affected region for email scam attacks, with 226 email scam cases recorded during the first six months of 2016, Trend Micro’s findings showed. The United Kingdom placed second with 595 recorded incidents, and the United States first with 2,496 cases.

Business email scams are a highly sophisticated stratagem for targeting large enterprises. Perpetrators send phishing emails, appearing to be from company executives. Recipients are directed to execute wire transfers to “alternate” accounts. From January 2015 to June 2016, email scammers poached more than $3 billion, affecting 22,000 firms around the world, according to estimates of law enforcement agencies.

Asked why Hong Kong has risen to third place among countries and regions targeted by cyber criminals, Pilao answered: “The email scam targets routine transactions involving trade, commerce and transfer of funds. In Hong Kong, there’s plenty of that.”

Detective inspector Dicky Wong is in charge of the collaboration team of the Cyber Security and Technology Crime Bureau (CSTCB). The CSTCB is an official watchdog in the fight against cybercrime. Wong suspects that criminals identify email addresses of business executives on social media accounts, like Facebook, Twitter or LinkedIn.

“You put your email on it. Criminals find it. That’s how it works,” Wong told the guests at the CLOUDSEC conference.

The two malign cyber threats mean double trouble for Hong Kong. Police statistics bear that out. The tally of financial losses due to computer crime in the city amounted to about HK$1.83 billion in 2015. That represented a 52 percent increase from the HK$1.2 billion reported in 2014.

“The losses (caused by cybercrime) outweigh any other single crime category in Hong Kong,” confirmed Wong. “The figure for 2016 isn’t out yet, but I can tell you that the figure is not getting lower.”
