Feeds

Hong Kong firms also at risk from Chinese hackers

Experts warn multinationals to batten down hatches

Top 5 reasons to deploy VMware with Tegile

Security experts have warned multinationals with bases in Hong Kong that they are not immune to cyber attack from China despite the shared sovereignty between the Special Administrative Region (SAR)and its mainland parent.

The Chinese authorities have long been blamed for either officially sanctioning cyber espionage attacks on foreign public and private organisations or turning a blind eye to financially motivated or patriotic attacks on western companies and states launched from within the People’s Republic.

Some believe there is an unwritten agreement between the hacking community and the authorities that these activities can continue as long as no government organisations or firms operating in China are touched.

However, experts in the SAR have said multinationals appear to be fair game for Chinese hackers.

Roy Ko, centre manager of the Hong Kong Computer Emergency Response Team (HKCERT) told The Reg that his team works closely with its Chinese counterpart to source the location of attacks on local firms.

“Hong Kong’s immunity depends on our capabilities to defend, not because we’re part of China,” he argued. “We have a good communications channel in place with the China CERT, so when the attacks have come from China we can seek their help and advice.”

Ian Christofis, an acting manager for Verizon in North Asia, recently told The Reg that multinationals on the mainland were worried about IP theft via malicious insiders and said Hong Kong firms were equally in the crosshairs.

“Hong Kong is just as much a target as anywhere else. Hong Kong firms should not be complacent,” he added.

Guido Crucq, GM of security solutions Asia Pacific for integrator Dimension Data, agreed.

"Cybercriminals are into hacking for the money, so we advised our clients that we can't let our guard down simply because we are doing business in a location which we consider as friendly territory," he said.

However, lawmaker Samson Tam, who is a legislative councillor for IT in the SAR, preferred to play up the threat to locally-based firms from outside of China.

“Most attacks come from smaller countries or areas with looser controls, so international police force co-operation is very important,” he told The Reg.

“Mainly they are financially-motivated attacks because we don’t have many political, cultural or religious tensions here.”

In any case, as has been proven in the past, it can be frustratingly difficult for experts to accurately trace back a cyber attack to source.

Given its large online population, China will naturally have a sizeable number of compromised machines which either home-grown or foreign hackers can use to launch attacks, said HK CERT's Ko. ®

Internet Security Threat Report 2014

More from The Register

next story
'Kim Kardashian snaps naked selfies with a BLACKBERRY'. *Twitterati gasps*
More alleged private, nude celeb pics appear online
Home Depot ignored staff warnings of security fail laundry list
'Just use cash', former security staffer warns friends
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Freenode IRC users told to change passwords after securo-breach
Miscreants probably got in, you guys know the drill by now
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
BitTorrent's peer-to-peer chat app Bleep goes live as public alpha
A good day for privacy as invisble.im also reveals its approach to untraceable chats
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.