GovCERT.HK keeps observing the cyber security threat trends and shares some observations in March 2021 as follows:
Password reuse and weak passwords increase the threat of user credential compromise. Adoption of multi-factor authentication is recommended. Organisations could check against blacklisted passwords regularly to screen out commonly used, weak or compromised passwords.
Distributed Denial of Service (DDoS) attacks surge during COVID-19 pandemic. Attackers continue weaponising new attack vectors to launch attacks. Organisations should implement security controls such as subscription of DDoS mitigation service and reduce attack surface to defend against DDoS attacks.
Attackers trend to employ double-extortion ransomware attacks. Backups should be stored offline as soon as possible. Sensitive data should be properly encrypted to deter attackers disclosing the information.
For details, please read the "Cyber Security Threat Trends 2021-M03" report.
GovCERT.HK keeps observing the cyber security threat trends and shares some observations in February 2021 as follows:
Threat actors actively and rapidly seize opportunities to exploit system vulnerabilities. System administrators should patch their systems timely to defend against potential exploitations.
Credential stuffing attacks are widely used by attackers to compromise user accounts. Users should not use same password for different systems. Users should adopt strong passwords, change the passwords regularly, and enable multi-factor authentication wherever applicable.
Phishers and fraudsters use common hot topics and shopping promotions as phishing themes to entice victims and use improved technologies to evade detection. Users should check the authenticity of electronic messages and websites, stay vigilant against suspicious links and attachments in electronic messages.
For details, please read the "Cyber Security Threat Trends 2021-M02" report.
GovCERT.HK keeps observing the cyber security threat trends and shares some observations in January 2021 as follows:
Vulnerabilities of virtual private network solution and remote desktop protocol induce extreme risk of breach during pandemic. New vulnerabilities on popular virtual meeting systems are discovered and exploited. Organisations should prioritise patching based on associated risks such as risk severity, availability of Proof of Concept exploit and ease of exploitation.
Misconfigured databases or services can lead to severe data breaches. Organisations should ensure their systems are properly configured with adoption of least privilege principle.
Web applications and application programming interfaces (APIs) are targeted by threat actors to launch cyber attacks. Organisations should adopt secure by design approach, integrate security throughout application development lifecycle and adopt different protection measures such as web application firewall, API gateway, dedicated bot management tool, etc.
For details, please read the "Cyber Security Threat Trends 2021-M01" report.