(Hong Kong, 19 October 2021) The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) of the Hong Kong Productivity Council is urging local users of remote access tools and network-attached storage (NAS) devices to step up security to fend off ransomware attacks targeting such devices. As recently HKCERT has observed from various sources that there has been an increase in ransomware attacks globally. Vulnerabilities in the remote access tools and NAS devices are found to be the major attack vectors for the latest wave of ransomware attacks. These hybrid workspace tools are commonly adopted by local enterprises during the COVID-19 pandemic.
According to incident reports, the ransomware attacked both servers and end users’ desktops, encrypted the data and paralysed business operations. Some such as REvil and Conti would even steal sensitive data in which the attackers threaten to disclose to the public if the ransom is not paid. Due to the data is held hostage, ransom payments in cryptocurrency, ranging from $400,000 to $1,400,000, which could incur substantial financial impact on the victims, were demanded.
With Virtual Private Network gateways and remote control applications, requiring a direct connection to the Internet, if the vulnerabilities of the gateway device are not promptly patched, the risk of it being exploited is extremely high. HKCERT urges both individuals and organisations to stay vigilant, pay extra attention to ransomware attacks, and adopt the following preventive measures :
Should users have further questions, please do not hesitate to contact HKCERT via email: email@example.com or its 24-hour telephone hotline: 8105 6060. HKCERT will continue monitoring the latest development of the attacks and keep the public informed if there are any updates.
- Ends -
Share the latest information of HKPC to your inbox
Support & Resource