By Nicky Au, General Manager, Ensign InfoSecurity, Greater China
Hong Kong has been hit by a spate of cyberattacks in the last year, notably British engineering firm’s HKD200 million deepfake video conference scam and a series of ransomware attacks targeting the government, healthcare and education sectors. Worsened by the rampant abuse of Artificial Intelligence (AI) to manipulate truths, it is evident that no entity is immune to becoming a victim of cyberattacks, regardless the scale of its business or industry sector.
Ransom as the primary motive for cyberattacks
Ensign InfoSecurity (“Ensign”), Asia’s largest comprehensive cybersecurity solutions provider, identified ransom as the primary objective in 69% of all observed attacks in the Greater China Region in 2023. This is one of the key insights highlighted in Ensign’s fifth edition of the Cyber Threat Landscape Report, which draws on Ensign’s proprietary and cyber threat intelligence sources.
The predominance of ransom as the primary motive pursued by cyber threat actors reflects a global escalation of ransomware threats for corporations. Ensign observed a shift in how attackers operate, with some companies being extorted multiple times in a single attack by the same attacker – initially to recover systems, and subsequently to “quietly” delete the data. Meanwhile, others have suffered from attacks by multiple perpetrators exploiting the same vulnerability.
TMT, Manufacturing, and Professional Services emerged as the top 3 most targeted sectors
The report also ranked the topmost targeted industries in the region, with Technology, Media and Telecommunications observed as the most targeted industries in the region. Correlating both ransom and the targeted industry groups, Ensign believed that ransoms were made to capitalise on businesses supporting economic recovery post-pandemic and the access to information across the cyber supply chain for information theft and espionage.
AI – a friend and foe to businesses
Since the discovery of AI, business leaders have leveraged it to drive business growth while prioritising security. AI allows businesses access to more AI-enabled cyber defence tools that identify and mitigate vulnerabilities faster and improve response times to potential threats while improving their operational resilience. However, cyber threat actors also use AI to develop malicious cyber tools such as deepfakes, which use deep learning to manipulate or replace parts of an original video or image, including a person’s face.
Today, there are a few ways to detect deepfakes, largely through visual inspections such as unusual or awkward facial positioning and body movements, strange flickering, or mismatched lip movements. However, with rapid technological advancement, detecting deepfakes is becoming increasingly challenging as more convincing deepfake images and videos emerge.
Ensign has been researching and developing a deepfake detection solution using a two-pronged approach. First, deepfakes are generated and training datasets are built using open-source deepfake algorithms to identify flaws. The detection tool is developed by targeting the weakest points of these algorithms. Utilising digital forensics analysis and machine learning on both deepfake and real videos, a detection algorithm is designed that analyses frame by frame to identify and mitigate advanced deceptions.
With the increasing digitalisation, AI adoption, and the push for digital payments and trade systems across ASEAN and the Asia Pacific region, cyber threats are expected to worsen in 2024. The Greater China region faces unique cybersecurity challenges due to ongoing complications with the US and rising security concerns from East Asian neighbours, creating new opportunities for cyber attackers. It is critical for organisations to understand these threats and how attackers operate to devise effective cybersecurity plans. Ensign aims to work with companies to establish higher standards of cyber hygiene, ensuring they are well-equipped to fend off cybercriminals.
This article has been published in the 2024 Summer Issue Quarterly Journal "CONNECT" by the Employers’ Federation of Hong Kong.