Asia Business Outlook recently got a chance to interact with Ken, wherein he shared his insights on how the cybersecurity space is evolving in Hong Kong lately, and even suggested a few effective practices that come in handy for organizations to secure their data and avert any potential cyber threats. With over two decades of experience under his belt, Ken is one of the most well-known figures in Hong Kong's sales and marketing sectors. Read on to know more about this interesting conversation:
What are some of the emerging cybersecurity trends that we are witnessing lately among businesses in Hong Kong?
Of late, there has been a significant increase in the number of cyber-crimes in Hong Kong. If recent estimates from the Hong Kong police are anything to go by, the first half of 2023 witnessed a 47 percent rise in cyber-crimes, with a majority of them being ransomware attacks specifically targeting large enterprises and public sector organizations. Any company that has become a victim of a ransomware attack not only incurs financial losses due to disruptions in operations, but also faces strict legal/regulatory consequences. As a result, enterprises in the country are now increasingly adopting stringent security measures to stay clear of such ransomware attacks and fortify their reputation in the market.
Suggest a few effective strategies for organizations to strengthen their backup strategies and mitigate ransomware attacks.
Since the majority of these ransomware attacks specifically target enterprise data, the first and foremost practice that organizations must implement is to have effective and airtight data backup and restore mechanisms in place. Having a strong data backup strategy enables enterprises to format their systems or applications and quickly restore data in the event of a cyber-attack without having to pay any ransom to the cyber criminals. However, it is extremely crucial for the companies to ensure that the backups always remain completely isolated from their network so they stay unaffected if any malware does penetrate the network. Considering the high criticality of cybersecurity in today's digital era, it is also advised for enterprises to seek the help of security experts & professionals to conduct periodic threat assessments and penetration testing to ensure there are no security-related vulnerabilities in the organization's network or applications.
How can organizations train their manpower to ensure end-to-end security against ransomware attacks?
While there are numerous ways ransomware attacks are carried out, two ways that are being used extensively by cyber criminals lately are through phishing emails and malicious downloads. Another technique that cyber criminals are increasingly using in recent times is social engineering, wherein the cyber criminals manipulate the victims into believing them to be their seniors and instruct them to click on the infested files or links. Thus, it is paramount for the organizations to create awareness among their employees about these new attack patterns and educate them on how to identify such suspicious activity and report it immediately to the internal security teams. Additionally, enterprises can also conduct regular third-party audits from security experts to ensure the entire network and applications are void of any kind of vulnerabilities. Lastly, there must be a clearly defined hierarchy of authority within the organization in terms of who will have what level of access within the network.
Tell us about a few effective practices that organizations can implement to improve the protection of their endpoint devices.
The majority of ransomware attacks successfully penetrate into an organization's network through endpoint devices due to human error or negligence. To tackle this concern, enterprises can utilize numerous endpoint protection platforms that are available in the market to consolidate, set the right proxy and protect all the devices that are connected to the organization's network. Additionally, companies can also implement a sandbox solution which facilitates having critical warning environment and testing environment on separate networks/network segments, thus preventing any kind of untested or malicious software/file from entering into the operations network without being tested by the sandbox. Lastly, since there are frequent updates pertaining to the latest security patches and antivirus software updates, enterprises must pay close attention to the recommendations given by their technology vendors and incorporate them as quickly as possible.
Briefly explain the role of the Hong Kong government in improving the cybersecurity landscape within the country.
Of late, we have seen a lot of programs being implemented in Hong Kong around creating awareness and educating people about the importance of cybersecurity in today's digital era. The government of Hong Kong has also launched a cybersecurity alert application that enables even the common people to not only access the latest information pertaining to cybersecurity, but also validate the authenticity of any suspicious links or emails or messages that they receive. Further, the government and other regulatory bodies must collaborate with cybersecurity industry experts and take their advice while formulating new guidelines or frameworks pertaining to cybersecurity.