Cybersecurity firm Palo Alto Networks identified 3,998 posts from ransomware groups on websites for leaked information, a 49 per cent increase over 2022. Hong Kong’s two largest industries were the most targeted for extortion, Wickie Fung, Palo Alto Networks’ managing director for Hong Kong and the Greater Bay Area, said during a press briefing on Wednesday.
As a finance hub, Hong Kong’s banks and other financial institutions possess “vast amounts of valuable data”, which make them “hot targets for multi-extortion attacks” by ransomware gangs, Fung said.
ChatGPT-aided ransomware in China results in four arrests
ChatGPT-aided ransomware in China results in four arrests
Manufacturing was the most impacted industry across the Greater China area, the firm found. This industry typically has limited visibility into its operational technology systems, Fung said, contributing to cybersecurity vulnerabilities.
Ransomware typically involves the theft or encryption of private data with a threat to release or delete that data unless a ransom is paid, typically in cryptocurrency. Blockchain analytics firm Chainalysis found that at least US$1.1 billion in ransomware was paid out in crypto last year, the largest on record and an estimate the firm called “conservative”. Ransomware incidents are often under-reported, as many firms prefer to quietly contain the fallout.
Median ransom demands were up 3 per cent last year to US$695,000 from US$650,000 in 2022, but median payouts fell 32 per cent to US$237,500 from US$350,000, according to the report. The discrepancy may be the result of effective negotiations from incident response teams, the report said.
The median time from a system’s initial compromise to the exfiltration of data was down to just two days in 2023, a 45 per cent decline from the nine days it took in 2021.
AI may be both a cause and solution to some of the increased challenges from ransomware. Hong Kong firms are exploring potential use cases for AI in defending their assets, according to Palo Alto Networks.
However, Hong Kong is still in a “learning phase”, Fung said, and awareness and security measures are “never enough”. He “has yet to see a very sophisticated or domain-specific AI use case” for ransomware prevention in Hong Kong, Fung added.
Felix Cheng, head of systems engineering of Palo Alto Networks, said that although the financial services industry tends to be on the “conservative side”, the concept of using AI tools in cybersecurity defence is beginning to take hold at Hong Kong companies.
To better guard against a rising number of attacks, Cheng said organisations should adopt in-depth, multilayer defence systems. Strengthening cloud infrastructure should be another focus, he added, while developing an incident response plan could bring added benefits.