HKCERT Rebrands for a New Paradigm of Cyber Security with AI-Driven Cyber Threat Alerts Strengthens International Collaboration for Cyber Attacks
On June 26, the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) unveiled its new Chinese name and the launch of its cutting-edge technologies in the fight against cyber attacks. The rebranding will better reflect the purpose and scope of HKCERT's services, enhancing the understanding of HKCERT in Hong Kong, especially small and medium-sized enterprises (SMEs) and the public. The two applications introduced in the ceremony, leverage artificial intelligence (AI) technology to strengthen cyber attack detection and early alert capability, demonstrating HKCERT’s commitment to enhancing overall cyber security protection in Hong Kong.
Leveraging AI for Proactive Defence against Cyber Attracts
In the first half of this year, the number of cyber security incidents handled by HKCERT increased by 31%, compared to the latter half of 2023. Among these incidents, phishing attacks accounts for the largest proportion, rising from 2,018 to 3,212 cases, involving over 18,000 malicious URLs, also the highest on record. Furthermore, the security incidents happened in the past six months revealed some more sophisticated, AI-related cyber attacks. Of particular concern is the Next-Level Phishing Attacks, such as the recent deepfake scam, targeting major institutions. These trends coincide with the five key security risks which HKCERT previously brought the public to alert.
To assist all walks of life in dealing with cyber security threats, Mr Alex CHAN, General Manager of the Digital Transformation Division of Hong Kong Productivity Council (HKPC) and spokesperson for HKCERT, announced two cyber security applications leveraging AI technology during the ceremony. The first application aims to address the increasing severity of phishing attacks by using AI system that proactively detects and distinguishes phishing URLs. Upon detection, HKCERT will promptly take action to remove the phishing URLs, reducing the chances of individuals falling victims to phishing attacks. Another application is cyber security risk alert system. This system utilises AI to analyse and access trends in phishing, malware, and botnet attacks specific to Hong Kong. It then disseminates alerts and defence measures to the public, enabling early prevention.
Both new applications utilised AI technology to handle large-scale data analysis and take proactive and precise actions to combat cyber threats. In the past month, over 3.7 million of URLs have been scanned, and successfully intercepted phishing websites, including those imitating popular e-commerce platforms and instant messaging software used by Hong Kong people. The AI system continues to learn and optimise its performance, and the information analysed will be disseminated to the public and the industry through the Hong Kong Police Force's Scameter and the HKCERT website.
Collaborating with Domestic and International Experts Actively Building a Cyber Security Information Sharing Platform
HKCERT was established in 2001 with funding from the Hong Kong SAR Government and operated by HKPC, actively seeks collaborations with domestic and international partners to enhance its cyber defensive capabilities. HKCERT is also a member among over 110 countries of the Forum of Incident Response and Security Teams (FIRST) and the Asia Pacific Computer Emergency Response Team (APCERT). We exchange information with other CERTs and act as a point of contact on cross-border security incidents.
In May of this year, HKCERT signed a memorandum of understanding with AusCERT from Australia, solidifying a long-term partnership for the next three years in cyber defensive security incident response, threat intelligence sharing, and project development. The collaboration also extends to the application of AI technology to combat phishing attacks, as well as exploring other measures to ensure the stability of Hong Kong’s cyber security. In addition, HKCERT has established a collaborative mechanism with the Office of the Government Chief Information Officer (OGCIO) and the National Computer Network Emergency Response Technical Team (CNCERT) to jointly address cyber security incidents that impact both the Mainland and Hong Kong.
Mr Mohamed BUTT, Executive Director of HKPC, said, "Hong Kong is an important international centre for finance, trade, shipping, and communication with world-class infrastructure such as data centres and innovation research laboratories and so on. Given this infrastructure extensively reliant on network communication technologies, ensuring robust cyber security is of utmost importance. Today marks a significant milestone for HKCERT. Moving forward, in addition to handling network incidents, HKCERT will actively and swiftly respond to the latest cyber threats and attacks, enhancing the security awareness of both enterprises and individual users. Looking ahead, we will focus on safeguarding network security, combating malicious activities, and strengthening defence awareness. We will actively collaborate with international cybersecurity professional organisations, responding quickly and proactively to the latest cyber threats and attacks while expanding our cyber protection coverage."
Speaking at the opening ceremony, the Government Chief Information Officer, Mr Tony WONG said, "With the steadfast support of the Government, HKCERT will be able to give fuller play to its role as a cyber security incident response coordination centre in providing swift and efficient support to safeguard the information security of Hong Kong citizens and enterprises. To cope with the evolving cyber environment, I hope that HKCERT will continue to closely work with network providers and CERT teams in various countries and regions, minimising the risk of cyber attacks together and continuing to keep threats at bay through education and prevention for building a robust defence line in safeguarding Hong Kong’s cyber security."
Cultivating Cyber Talents and Enhancing Future Cyber Threat Response
Cultivating talent is an essential part of development of technology. Under the New Industrialisation and Technology Training Program (NITTP) funded by the Innovation and Technology Fund, local employees of businesses are supported with a 2(Government):1(enterprise) matching basis to receive advanced technology training, thereby assisting companies in nurturing more cyber security-related professionals. Meanwhile, HKCERT is preparing for its annual flagship event, the 5th HKCERT Capture the Flag (CTF) Challenge. Last year, the challenge saw participation from over a thousand individuals for the second consecutive year and, for the first time, introduced an overseas category, making it comparable in scale to other similar CTF competitions in neighbouring regions. This year, the competition consists online qualifying rounds and an on-site final competition. A series of cyber attack and defence workshops will be organised before the competition, providing participants with a taste of professional cyber security practices. The registration for the CTF competition is expected to open in July.
HKCERT officially launched “Hong Kong Computer Emergency Response Team Coordination Centre”, witnessed by Mr Tony WONG from the Office of the Government Chief Information Officer (third from left), Mr Mohamed BUTT, Executive Director of HKPC (fourth from left) and other distinguished guests.
Mr Alex CHAN, General Manager, Digital Transformation of HKPC, and spokesman of HKCERT, summarised the situation of cyber security incidents in Hong Kong in the first half of 2024. He also announced two cyber security applications leveraging AI technology to take proactive and precise actions to combat cyber threats.
Guests visited HKCERT’s new office after the ceremony to learn its latest equipment and design, enhancing monitoring and response capability to Hong Kong’s cyber security landscape.
Comments