The past year has seen both more civil unrest and more advanced cyber attacks in Hong Kong. Is there a link?
New research from FireEye reports that 43% of organizations observed in Hong Kong were targeted with advanced cyber attacks in the second half of 2015. This puts Hong Kong three times more likely to face these APT attacks than the global average, which is only about 15%.
Social media in recent months blames cyber attacks emanating from mainland China as a root cause for the technology onslaught. Rumors and theories swirl around mainland China's dislike of how the Hong Kong government is handling itself in the wake of the civil disturbances; plus attackers outside of Asia may be also threatening Hong Kong's government and financial institutions because of their support for the mainland Chinese government.
FireEye representative Bryce Boland confirmed some of these rumors in a company statement: "It's also in close proximity to advanced, prolific threat actors with an interest in Hong Kong's political and economic development."
And last December, FireEye released intelligence on a Chinese cyber threat group referred to as "[email protected]" which allegedly targeted reporters at Hong Kong-based media organizations. In August, the group reportedly sent spear phishing emails about newsworthy developments with malicious attachments to Hong Kong-based media organizations, including newspapers, radio and television outlets.
China-based Internet security expert Danny Levinson also confirmed the attacks from outside of Hong Kong. He says, "Yes there are attacks coming from China that are hitting Hong Kong organizations, but we also see monitoring reports of APT coming from outside of Asia. The DNA of these attacks is unlike what we see coming from China, so we can assume they are from different actors and targeting Hong Kong organizations for different reasons."
Hong Kong has some of the world's fastest Internet speeds, coupled with almost no State-sponsored filters or Web blocks. This is in contrast to China's Internet speeds, which are slow and block websites like NYTimes.com, Facebook, Twitter, and YouTube.