The Hong Kong Cyber Security Outlook 2025 by the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) indicates that phishing incidents have reached a five-year high, with a staggering 12,536 security cases recorded in 2024, over half of which (7,811 cases, or 62%) were phishing attacks. This marks a dramatic 108% increase from the previous year, indicating a shift in tactics by cybercriminals.
Phishing links alone surpassed 48,000 in 2024, a 150% year-on-year rise, with the banking, finance, and e-payment sectors being primary targets. Malware incidents also surged significantly, rising 4.8-fold, predominantly involving trojans masquerading as legitimate applications.
Ir Alex Chan, general manager of the Digital Transformation Division of the Hong Kong Productivity Council (HKPC), emphasised the growing risks associated with third-party suppliers and digital signage systems, warning that critical infrastructure sectors, including healthcare and transportation, are particularly vulnerable to attacks.
The HKCERT report identifies five key cyber security risks for 2025:
Third-party risks: Vulnerabilities in suppliers and service providers may lead to serious data breaches and supply chain attacks.
Data leakage in LLMs: Large language models face risks from prompt hacking and adversarial attacks, potentially leading to data manipulation.
AI-driven attacks: Cybercriminals are increasingly using generative AI to create malware and phishing content, showcasing the "weaponisation of AI".
Attacks on critical infrastructure: Cyber threats to essential services are on the rise, with past incidents including ransomware attacks on hospitals.
IoT security challenges: Digital signage and other IoT devices are at risk due to common security vulnerabilities, warranting heightened awareness and protective measures.
According to Chan, hackers prefer the path of least resistance, shifting their focus to breaching through third parties such as suppliers, contractors or service providers.
"Critical infrastructure including energy, land-sea-air transportation, banking and healthcare services are potential targets. Both low-altitude economy drones and IoT devices, like digital signages, are at risk of attack, which could have serious consequences," he continues.
"Organisations and individuals must prepare by implementing appropriate cyber incident response measures, deploying suitable cyber security measures, conducting regular security audits and penetration testing, and understanding and preventing relevant risks." Alex Chan
HKCERT recommendations
1. System and Software Security: Disable unnecessary software and services, ensure software library updates, implement strong password hashing, and update systems and software regularly
2. Network Security: Use security protocols (e.g. HTTPS) and enable system firewalls
3. Physical Security: Disable USB auto-run and auto-play features, restrict physical access interface
4. Data Protection Strategy: Implement regular data backups
5. Secure Content Management: Implement review procedures and monitor content integrity
6. Secure Account Management: Implement strong passwords and multi-factor authentication, adopt the principle of least privilege