Ransomware jeopardises Hong Kong logistics and financial services, report finds, amid surge of attacks in 2023
- Financial services and logistics were the hardest-hit sectors in Hong Kong, while manufacturing was the most impacted across Greater China by ransomware
- Ransomware payouts, typically done in cryptocurrency, reached new highs last year, but median payments fell possibly due to effective negotiation tactics
Cybersecurity firm Palo Alto Networks identified 3,998 posts from ransomware groups on websites for leaked information, a 49 per cent increase over 2022. Hong Kong’s two largest industries were the most targeted for extortion, Wickie Fung, Palo Alto Networks’ managing director for Hong Kong and the Greater Bay Area, said during a press briefing on Wednesday.
As a finance hub, Hong Kong’s banks and other financial institutions possess “vast amounts of valuable data”, which make them “hot targets for multi-extortion attacks” by ransomware gangs, Fung said.
Manufacturing was the most impacted industry across the Greater China area, the firm found. This industry typically has limited visibility into its operational technology systems, Fung said, contributing to cybersecurity vulnerabilities.
Ransomware typically involves the theft or encryption of private data with a threat to release or delete that data unless a ransom is paid, typically in cryptocurrency. Blockchain analytics firm Chainalysis found that at least US$1.1 billion in ransomware was paid out in crypto last year, the largest on record and an estimate the firm called “conservative”. Ransomware incidents are often under-reported, as many firms prefer to quietly contain the fallout.
Median ransom demands were up 3 per cent last year to US$695,000 from US$650,000 in 2022, but median payouts fell 32 per cent to US$237,500 from US$350,000, according to the report. The discrepancy may be the result of effective negotiations from incident response teams, the report said.