HKCERT Enhances Cybersecurity Measures Amid Surge in Incidents with AI

HKCERT Steps Up Cybersecurity Game to Combat AI-Powered Threats | CyberPro Magazine

(Source – HKCERT)

AI Integration in Cybersecurity

Hong Kong’s leading information security watchdog, the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT), has turned to artificial intelligence (AI) to bolster its cybersecurity defenses. This move comes as the organization reported a 31% rise in cybersecurity incidents in the first half of 2024. Since May, HKCERT has been testing AI language models to detect phishing websites and enhance its risk alert systems.

In the first six months of 2024, HKCERT managed 5,161 cybersecurity incidents, a significant increase from the 3,950 incidents recorded in the latter half of 2023. A substantial contributor to this spike was a 59% rise in phishing incidents, with the organization identifying a record 18,000 malicious URLs. Alex Chan Chung-man, general manager of HKCERT’s digital transformation division, highlighted the growing sophistication of hackers, noting the use of advanced tools such as AI-generated deepfake impersonations and hard-to-detect malware.

AI’s Role in Threat Detection

Since May, HKCERT has employed a large language AI model to scrutinize website domain names for potential phishing sites, allowing for their prompt reporting or removal. In just the month of May, the AI tool analyzed over 3.7 million websites, exponentially increasing the watchdog’s processing capabilities.

The AI system has successfully identified phishing websites mimicking popular platforms like the Japanese e-commerce site Rakuten, as well as social media giants WhatsApp and Facebook. Additionally, AI has been instrumental in enhancing HKCERT’s cybersecurity alert system. The tool analyzes threat intelligence data specific to Hong Kong, detecting trends in phishing, malware, and botnet attacks. Following staff evaluation, the AI-generated security alerts are then published on the watchdog’s website. According to Chan, this integration of AI has improved the efficiency of their intelligence analysis by 80%.

Rising Cybersecurity Concerns

The announcement of HKCERT’s AI-driven advancements coincides with alarming statistics from the police, who received over 18,000 reports of cybersecurity attacks in the first quarter of the year. A series of high-profile data breaches earlier this year, involving both private businesses and government departments, has intensified calls for enhanced cybersecurity measures in the city.

In early May, it was revealed that a malware scam orchestrated by a suspected Malaysia-based syndicate had resulted in 41 residents losing HK$12 million (US$1.54 million). Furthermore, the personal data of over 130,000 individuals was leaked in separate breaches affecting the Fire Services Department, Companies Registry, and Electrical and Mechanical Services Department within the same week.

These consecutive breaches prompted the Office of the Government Chief Information Officer to urge all bureaus and departments to review their computer security protocols. Notable cyberattacks later in the month targeted the jewellery chain Luk Fook Holdings and the Hong Kong College of Technology. IT experts are now advocating for centralized cybersecurity policies across all government departments and associated organizations to mitigate further risks.

In response to these growing threats, Chief Executive John Lee Ka-chiu announced in his 2023 policy address that new legislation would be introduced this year to enhance the cybersecurity protection of critical infrastructure. This legislative move aims to fortify the city’s defenses against the increasingly sophisticated cyber threats.