Hong Kong Police Force (HKPF) received more than 440,000 pieces of intelligence on cyberthreats targeting the city in 2024, while 5 percent of network assets owned by critical infrastructure operators were vulnerable to online attacks, found a first-of-its kind review released by the police who called on critical infrastructure operators to bolster their defensive efforts against cyber threats.
According to the report released on Monday by the Cyber Security and Technology Crime Bureau (CSTCB) of the HKPF, the bureau handled more than 25 million pieces of intelligence concerning potential cyberthreats last year, averaging more than 68,000 per day. Among them, over 440,000 were leads on threats specifically targeting Hong Kong, the RTHK reported on Monday.
The police force said they inspected 90,000 assets controlled by critical infrastructure firms last year and discovered more than 4,500 loopholes in their systems among which 11 percent were at critical or high risk, while the remaining 89 percent were at medium to low risk.
"If these loopholes are not discovered and fixed, when cyberattacks happen, they will definitely affect important services in Hong Kong or even affect residents' usage," Raymond Lam Cheuk-ho, chief superintendent of the cybersecurity and technology crime bureau, warned, the South China Morning Post reported on Monday.
The Hong Kong police stated that they recorded nearly 34,000 technology-related crimes last year, representing a slight decrease of 0.6 percent compared to the previous year. The financial losses involved exceeded HK$5.1 billion ($650.43 million), down by about 6 percent.
The police said they recorded 7,680 technology-related crime cases from January to March this year, up 1.1 percent year on year. The cases, most of which involved online shopping, inflicted losses of more than HK$1.43 billion, according to RTHK.
The cybersecurity report outlines several types and tactics used by perpetrators, including: stealing sensitive data through cyber intrusions; launching large-scale breaches via supply chain vulnerabilities; leveraging artificial intelligence to increase the destructive power of attacks; using social engineering to obtain personal information and internal system credentials; and deploying ransomware to encrypt data for extortion. The police emphasized that conducting risk assessments of cyber assets linked to Hong Kong's critical infrastructure is a key preventive measure, Hong Kong-based news outlet Wen Wei Po reported on Monday.
The police stated that cybersecurity experts recommended establishing a comprehensive cybersecurity defense strategy and adopting proactive security measures. Both individuals and businesses can strengthen cyber security by minimizing human error, ensuring the security of systems and devices, and being well-prepared for incident response and recovery, according to RTHK.
Hong Kong police recently announced that, based on the latest geopolitical risk assessments and public interest, they have canceled the tender process for the next-generation communication system. Instead, they will directly procure from trusted service providers that meet technical requirements. Lam noted that geopolitical risks could impact all technology supply chains and urged the public to remain vigilant, RTHK reported.
京公網安備 11010202009201號