Advertisement

Ransomware jeopardises Hong Kong logistics and financial services, report finds, amid surge of attacks in 2023

  • Financial services and logistics were the hardest-hit sectors in Hong Kong, while manufacturing was the most impacted across Greater China by ransomware
  • Ransomware payouts, typically done in cryptocurrency, reached new highs last year, but median payments fell possibly due to effective negotiation tactics

Reading Time:2 minutes
Why you can trust SCMP
1
Palo Alto Networks’ Wickie Fung, managing director for Hong Kong and the Greater Bay Area, and Felix Cheng, head of systems engineering, at a press conference on the rise of ransomware attacks on March 13, 2024. Photo: Kelly Le
Financial services and logistics were Hong Kong’s hardest-hit sectors by ransomware in 2023, a new study has found, in a year when such attacks spiked as criminals adopted new tools like those using artificial intelligence (AI).
Advertisement

Cybersecurity firm Palo Alto Networks identified 3,998 posts from ransomware groups on websites for leaked information, a 49 per cent increase over 2022. Hong Kong’s two largest industries were the most targeted for extortion, Wickie Fung, Palo Alto Networks’ managing director for Hong Kong and the Greater Bay Area, said during a press briefing on Wednesday.

As a finance hub, Hong Kong’s banks and other financial institutions possess “vast amounts of valuable data”, which make them “hot targets for multi-extortion attacks” by ransomware gangs, Fung said.

Manufacturing was the most impacted industry across the Greater China area, the firm found. This industry typically has limited visibility into its operational technology systems, Fung said, contributing to cybersecurity vulnerabilities.

Ransomware typically involves the theft or encryption of private data with a threat to release or delete that data unless a ransom is paid, typically in cryptocurrency. Blockchain analytics firm Chainalysis found that at least US$1.1 billion in ransomware was paid out in crypto last year, the largest on record and an estimate the firm called “conservative”. Ransomware incidents are often under-reported, as many firms prefer to quietly contain the fallout.

While total payouts have risen substantially over 2022 – when Chainalysis recorded a 40 per cent decline owing to disruptions from the Russia-Ukraine war – Palo Alto Networks found evidence that organisations are seeing some success in pushing back.
Advertisement

Median ransom demands were up 3 per cent last year to US$695,000 from US$650,000 in 2022, but median payouts fell 32 per cent to US$237,500 from US$350,000, according to the report. The discrepancy may be the result of effective negotiations from incident response teams, the report said.

Advertisement