Experts have advised companies to enhance cyber security staff training and adopt proactive defense strategies to cope with evolving attacks, after Hong Kong police received over 440,000 pieces of intelligence on cyber threats targeting the city last year.

At a news conference last week, the police force’s Cyber Security and Technology Crime Bureau (CSTCB) released a cybersecurity report – the first of its kind since the bureau’s establishment in 2015 – outlining Hong Kong’s cybersecurity situation.

Last year, the bureau processed over 25 million pieces of cyber threat intelligence, of which more than 440,000 targeted the city. About 65 percent of the threats were phishing attacks, which lure employees into clicking malicious links in emails that download malware or allow access to sensitive company information.

READ MORE: InvestHK checks for data leaks following ransomware attack

The sources of the attacks came from across the world, with some involving international hacker organizations, the police said.

Among the 33,903 cases of technology-related crimes logged last year, about 100 were classified as destructive cyber-attacks. These included 61 system intrusion cases (a 65 percent year-on-year increase) and 46 cases involving ransomware (a type of malware that encrypts a victim’s files before demands for payment are made to release access), double the number of 2023.

Although the number of cyber-attacks is relatively low, each incident can have serious consequences for the company involved, such as service disruption, leakage of sensitive data, reputational damage, and even significant financial loss, the police said.

A total of 7,680 technology crimes were reported in the first quarter of this year, representing a 1.1 percent increase on the same period last year, with losses amounting to about HK$1.43 billion ($182 million), an 11.7 percent year-on-year decrease.

Superintendent Baron Chan Shun-ching said that victimized organizations commonly have security vulnerabilities, including poor access control and configuration, outdated and unpatched systems, and a lack of threat detection mechanisms.

He attributed rising case numbers to heightened public awareness following the passage of the Protection of Critical Infrastructures (Computer Systems) Ordinance in March this year, which mandates reporting previously voluntarily reported incidents.

Senior Superintendent Carmen Leung Oi-lam of the CSTCB said that last year’s regular cybersecurity assessments of the city’s key infrastructure examined over 90,000 internet assets, with about 4,500, or 5 percent, found to have varying degrees of system vulnerabilities or weaknesses.

Among the security loopholes, 89 percent were considered medium to low risk, including certificate authorization issues, while the remaining 11 percent were rated from high to extremely high risk, involving the leakage or theft of system login credentials and the exposure of cloud storage services, police said.

The affected organizations were warned to make timely repairs, police added.

The CSTCB urged individuals and companies to step up their defense capacities through cybersecurity awareness training, upgraded security systems, and regular data backups and cybersecurity exercises.

Francis Fong Po-kiu, honorary president of the Hong Kong Information Technology Federation, told China Daily that high-risk flaws in company systems could allow remote malicious code execution, potentially giving attackers full control over affected systems.

READ MORE: InvestHK: No data leakage in recent ransomware attack

He said that systemic weaknesses are common in local enterprises, including insufficient visibility over cloud and third-party digital assets, delayed patch management, inadequate awareness of supply chain risks, overreliance on perimeter defenses such as firewalls, and lax security configuration standards.

Fong said an ideal cyber defense strategy should combine human expertise with technological solutions, maintaining essential staff training while fully leveraging the advantages of advanced defense systems.

In response to escalating cyber threats, Fong urged local businesses to adopt proactive measures that include rapid patching of high-risk vulnerabilities, comprehensive asset visibility platforms, AI-integrated defense systems, and continuous security monitoring protocols.

Contact the writer at stephyzhang@chinadailyhk.com