GovCERT.HK keeps observing the cyber security threat trends and shares some observations in June 2021 as follows:
Attackers continue to seize opportunities to compromise Virtual Private Network (VPN) of organisations. Organisations should prioritise and promptly patch or perform mitigation measures to their VPN solutions, and keep abreast of up-to-date cyber security news and vendors’ security bulletins.
Exposed vulnerabilities, servers and cloud instances are always targeted by attackers. System administrators should patch their systems timely, disable unneeded network ports and services, and keep an up-to-date IT asset inventory including servers and public cloud instances.
Ransomware attacks resurge with new attack and extortion tactics, causing serious damage to the victims. Organisations should strictly follow the least privilege principle, implement updated endpoint protection solutions, regularly backup their data, keep offline backup, and properly encrypt their sensitive data.
For details, please read the "Cyber Security Threat Trends 2021-M06" report.
GovCERT.HK keeps observing the cyber security threat trends and shares some observations in May 2021 as follows:
Attackers keep on switching attack vectors and increasing attack volume in Distributed Denial of Service (DDoS) attacks. Organisations should implement and continuously review their DDoS protection measures.
Misconfigurations in cloud platforms can lead to data leakage and security breach. Organisations should adopt least privilege principle, encryption, multi-factor authentication, network segmentation, etc. in their cloud environments.
Phishing and human negligence are main causes of security breaches. Organisations should, in addition to conduct security awareness training and phishing simulation program customised to their environments, continuously review and upgrade their existing protection solutions to defend against evolving cyber security threats.
For details, please read the "Cyber Security Threat Trends 2021-M05" report.
GovCERT.HK keeps observing the cyber security threat trends and shares some observations in April 2021 as follows:
Security risks associated with vulnerable or outdated open source or third-party libraries are easily overlooked by organisations. Organisations should maintain an updated inventory of third-party components used in their applications, as well as review and update those components with known vulnerabilities regularly.
Vulnerabilities of Virtual Private Network (VPN) solutions or remote management utilities are increasingly targeted by attackers. System administrators should install security patches on a timely basis, shut down unnecessary network ports and services to reduce attack surfaces, and implement multi-factor authentication to strengthen the authentication control.
Bad bot traffic related to malicious activities reaches a new high. Organisations should ensure that their websites have sufficient security measures and system resources to handle bot traffic. Monitoring and blocking mechanisms should be in place to detect and defend against bad bots.
For details, please read the "Cyber Security Threat Trends 2021-M04" report.
GovCERT.HK keeps observing the cyber security threat trends and shares some observations in March 2021 as follows:
Password reuse and weak passwords increase the threat of user credential compromise. Adoption of multi-factor authentication is recommended. Organisations could check against blacklisted passwords regularly to screen out commonly used, weak or compromised passwords.
Distributed Denial of Service (DDoS) attacks surge during COVID-19 pandemic. Attackers continue weaponising new attack vectors to launch attacks. Organisations should implement security controls such as subscription of DDoS mitigation service and reduce attack surface to defend against DDoS attacks.
Attackers trend to employ double-extortion ransomware attacks. Backups should be stored offline as soon as possible. Sensitive data should be properly encrypted to deter attackers disclosing the information.
For details, please read the "Cyber Security Threat Trends 2021-M03" report.
GovCERT.HK keeps observing the cyber security threat trends and shares some observations in February 2021 as follows:
Threat actors actively and rapidly seize opportunities to exploit system vulnerabilities. System administrators should patch their systems timely to defend against potential exploitations.
Credential stuffing attacks are widely used by attackers to compromise user accounts. Users should not use same password for different systems. Users should adopt strong passwords, change the passwords regularly, and enable multi-factor authentication wherever applicable.
Phishers and fraudsters use common hot topics and shopping promotions as phishing themes to entice victims and use improved technologies to evade detection. Users should check the authenticity of electronic messages and websites, stay vigilant against suspicious links and attachments in electronic messages.
For details, please read the "Cyber Security Threat Trends 2021-M02" report.
GovCERT.HK keeps observing the cyber security threat trends and shares some observations in January 2021 as follows:
Vulnerabilities of virtual private network solution and remote desktop protocol induce extreme risk of breach during pandemic. New vulnerabilities on popular virtual meeting systems are discovered and exploited. Organisations should prioritise patching based on associated risks such as risk severity, availability of Proof of Concept exploit and ease of exploitation.
Misconfigured databases or services can lead to severe data breaches. Organisations should ensure their systems are properly configured with adoption of least privilege principle.
Web applications and application programming interfaces (APIs) are targeted by threat actors to launch cyber attacks. Organisations should adopt secure by design approach, integrate security throughout application development lifecycle and adopt different protection measures such as web application firewall, API gateway, dedicated bot management tool, etc.
For details, please read the "Cyber Security Threat Trends 2021-M01" report.