HKCERT Enhances Cybersecurity Measures Amid Surge in Incidents with AI

Written by CyberPro  »  Updated on: November 19th, 2024

HKCERT Enhances Cybersecurity Measures Amid Surge in Incidents with AI

HKCERT Steps Up Cybersecurity Game to Combat AI-Powered Threats | CyberPro Magazine

(Source – HKCERT)

AI Integration in Cybersecurity

Hong Kong’s leading information security watchdog, the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT), has turned to artificial intelligence (AI) to bolster its cybersecurity defenses. This move comes as the organization reported a 31% rise in cybersecurity incidents in the first half of 2024. Since May, HKCERT has been testing AI language models to detect phishing websites and enhance its risk alert systems.

In the first six months of 2024, HKCERT managed 5,161 cybersecurity incidents, a significant increase from the 3,950 incidents recorded in the latter half of 2023. A substantial contributor to this spike was a 59% rise in phishing incidents, with the organization identifying a record 18,000 malicious URLs. Alex Chan Chung-man, general manager of HKCERT’s digital transformation division, highlighted the growing sophistication of hackers, noting the use of advanced tools such as AI-generated deepfake impersonations and hard-to-detect malware.

AI’s Role in Threat Detection

Since May, HKCERT has employed a large language AI model to scrutinize website domain names for potential phishing sites, allowing for their prompt reporting or removal. In just the month of May, the AI tool analyzed over 3.7 million websites, exponentially increasing the watchdog’s processing capabilities.

The AI system has successfully identified phishing websites mimicking popular platforms like the Japanese e-commerce site Rakuten, as well as social media giants WhatsApp and Facebook. Additionally, AI has been instrumental in enhancing HKCERT’s cybersecurity alert system. The tool analyzes threat intelligence data specific to Hong Kong, detecting trends in phishing, malware, and botnet attacks. Following staff evaluation, the AI-generated security alerts are then published on the watchdog’s website. According to Chan, this integration of AI has improved the efficiency of their intelligence analysis by 80%.

Rising Cybersecurity Concerns

The announcement of HKCERT’s AI-driven advancements coincides with alarming statistics from the police, who received over 18,000 reports of cybersecurity attacks in the first quarter of the year. A series of high-profile data breaches earlier this year, involving both private businesses and government departments, has intensified calls for enhanced cybersecurity measures in the city.

In early May, it was revealed that a malware scam orchestrated by a suspected Malaysia-based syndicate had resulted in 41 residents losing HK$12 million (US$1.54 million). Furthermore, the personal data of over 130,000 individuals was leaked in separate breaches affecting the Fire Services Department, Companies Registry, and Electrical and Mechanical Services Department within the same week.

These consecutive breaches prompted the Office of the Government Chief Information Officer to urge all bureaus and departments to review their computer security protocols. Notable cyberattacks later in the month targeted the jewellery chain Luk Fook Holdings and the Hong Kong College of Technology. IT experts are now advocating for centralized cybersecurity policies across all government departments and associated organizations to mitigate further risks.

In response to these growing threats, Chief Executive John Lee Ka-chiu announced in his 2023 policy address that new legislation would be introduced this year to enhance the cybersecurity protection of critical infrastructure. This legislative move aims to fortify the city’s defenses against the increasingly sophisticated cyber threats.


Disclaimer:

We do not claim ownership of any content, links or images featured on this post unless explicitly stated. If you believe any content or images infringes on your copyright, please contact us immediately for removal ([email protected]). Please note that content published under our account may be sponsored or contributed by guest authors. We assume no responsibility for the accuracy or originality of such content. We hold no responsibilty of content and images published as ours is a publishers platform. Mail us for any query and we will remove that content/image immediately.