HKCERT recently conducted a territory-wide security drill to help measure the ability of local fixed and mobile network infrastructure to stand up against cyber threats.
The drill simulated various cyber attack scenarios that would require coordinated action by bodies including the police, the office of the government CIO, ISPs and mobile network operators.
During the drill, participants contained a targeted distributed reflective denial-of-service attack against a financial institution, as well as a phishing attack aimed at its clients.
But HKCERT said the drill also identified areas of improvement surrounding the response to the threats.
HKCERT senior consultant Leung Siu-Cheong said the team recorded 2,553 security incidents during the first nine months of 2014, up 155% year-on-year.
Nearly three quarters of these were botnet and phishing cases, and many of these related to the theft of online banking data or personal identities.
“Apart from being direct targets of cyber attacks, companies must beware that their information technology infrastructures can be used by hackers to launch attacks against others,” he said.
“To address these threats, they need to work with other internet stakeholders collectively to secure their systems and be prepared to respond to such attacks.”