Getting your Trinity Audio player ready...
|
The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) has unveiled its new Chinese name and introduced cutting-edge technologies to combat cyber-attacks. This rebranding aims to reflect HKCERT’s services better, enhancing public understanding, particularly among small and medium-sized enterprises (SMEs) in Hong Kong. During the launch, two applications leveraging artificial intelligence (AI) were showcased, highlighting HKCERT’s commitment to improving cyber security in Hong Kong.
In the first half of the year, HKCERT handled a 31% increase in cyber security incidents compared to the latter half of 2023. Phishing attacks were the most prevalent, rising from 2,018 to 3,212 cases and involving over 18,000 malicious URLs, the highest on record. Recent security incidents revealed sophisticated AI-related cyber-attacks, including Next-Level Phishing Attacks like deepfake scams targeting major institutions. These trends align with the five key security risks previously highlighted by HKCERT.
To address these threats, the General Manager of the Digital Transformation Division of the Hong Kong Productivity Council (HKPC) and spokesperson for HKCERT, announced two AI-powered cyber security applications. The first application focuses on the rising severity of phishing attacks by using AI to detect and distinguish phishing URLs. Upon detection, HKCERT acts promptly to remove these URLs, reducing the likelihood of individuals falling victim to phishing attacks. The second application is a cyber security risk alert system that uses AI to analyse trends in phishing, malware, and botnet attacks specific to Hong Kong. It disseminates alerts and defence measures to the public, enabling early prevention.
These AI applications handle large-scale data analysis and take proactive, precise actions against cyber threats. In the past month, over 3.7 million URLs were scanned, successfully intercepting phishing websites imitating popular e-commerce platforms and instant messaging software used by Hong Kong residents. The AI system continues to learn and improve, with analysed information shared through the Hong Kong Police Force’s Scameter and the HKCERT website.
Established in 2001 with funding from the Hong Kong SAR Government and operated by HKPC, HKCERT collaborates with domestic and international partners to enhance its cyber defensive capabilities. As a member of the Forum of Incident Response and Security Teams (FIRST) and the Asia Pacific Computer Emergency Response Team (APCERT), HKCERT exchanges information with other CERTs and acts as a contact point for cross-border security incidents.
In May, HKCERT signed a memorandum of understanding with AusCERT from Australia, establishing a three-year partnership focused on cyber defensive security incident response, threat intelligence sharing, and project development. This collaboration includes the application of AI technology to combat phishing attacks and explores other measures to ensure Hong Kong’s cyber security. Additionally, HKCERT has a collaborative mechanism with the Office of the Government Chief Information Officer (OGCIO) and the National Computer Network Emergency Response Technical Team (CNCERT) to address cyber security incidents affecting both Mainland China and Hong Kong.
The Executive Director of HKPC emphasised Hong Kong’s role as an international centre for finance, trade, shipping, and communication, underpinned by world-class infrastructure. He highlighted the importance of robust cyber security for maintaining this infrastructure and announced HKCERT’s commitment to swiftly responding to the latest cyber threats, enhancing security awareness among enterprises and individuals. Moving forward, HKCERT will focus on safeguarding network security, combating malicious activities, and strengthening defence awareness through active collaboration with international cybersecurity organisations.
Speaking at the ceremony, Government Chief Information Officer Mr. Tony Wong affirmed the government’s support for HKCERT. He expressed hope that HKCERT would continue to work closely with network providers and CERT teams globally to minimise cyber-attack risks and promote education and prevention, building a robust defence line for Hong Kong’s cyber security.
Under the New Industrialisation and Technology Training Program (NITTP) funded by the Innovation and Technology Fund, local businesses can receive advanced technology training on a 2(Government):1(enterprise) matching basis, nurturing more cyber security professionals. HKCERT is also preparing for its annual flagship event, the 5th HKCERT Capture the Flag (CTF) Challenge. Last year’s event saw over a thousand participants and introduced an overseas category. This year’s competition will feature online qualifying rounds and an on-site final, along with cyber-attack and defence workshops. Registration for the CTF competition is expected to open in July.