top of page

Cybersecurity Briefing (November 9 - November 21)

1. More than 30% of businesses in the Asia-Pacific region lack adequate protection for their identity accounts.

On November 9, SailPoint Technologies, an enterprise identity security solution provider, published a report titled "The Horizons of Identity Security," which found that 44% of Asia-Pacific enterprises are still in the early stages of developing their identity security, and even some mature enterprises have less than 70% of their protected identity accounts. The report indicated that over 30% of enterprise identity accounts lack appropriate security protection, especially third-party identity, machine identity, and data. Establishing a foundation of identity security capabilities can accelerate an enterprise's response to security incidents, prevent malicious actors from obtaining verification and access to internal systems, and limit employee access to unnecessary permissions. Additionally, adopting AI technology-based solutions can help enterprises increase advanced functionality, enhance business agility, and accelerate their development.

2. ICBC fully owned subsidiary in the United States was hit by ransomware attacks, causing chaos in the US Treasury market.

On November 10, ICBC's subsidiary in the US suffered ransomware attacks, leading to a partial system interruption and causing chaos in the US Treasury market. ICBC Financial Services stated that it immediately cut off and isolated the affected systems upon discovering the attack and has launched a thorough investigation, notifying law enforcement agencies. Currently, the professional information security expert team is supporting the restoration work. Meanwhile, ICBC and other domestic and foreign affiliated institutions' systems were not affected by the incident, including ICBC New York Branch. The attack caused chaos in the US Treasury market, with some transactions unable to settle, and traders were asked to change trading routes. According to sources, the attacker that hit ICBC was possibly a group called Lockbit, which is said to have Russian backgrounds, previously attacking companies such as Boeing, UK ION Trading, and UK Royal Mail.

3. Prof Dong Sun, Secretary for ITIB, announced that the government plans to introduce critical infrastructure cybersecurity regulations next year.

On November 13, Prof Dong Sun, the Secretary for Innovation, Technology and Industry Government of the Hong Kong Special Administrative Region, stated that the government would release a policy declaration to promote digital circulation and security in Hong Kong by the end of the year and integrate relevant laws and regulations to accelerate the legal provisions for network security protection. He emphasized that Hong Kong invests too little in innovation and technology and needs to develop innovative technology firmly to succeed in the future. Also, it is necessary to plug loopholes from the policy and system levels, increase network security awareness throughout society and relevant departments, and plan to organize large-scale cybersecurity education events. Additionally, the government will establish a "Digital Policy Office," which will integrate the existing Government Chief Information Officer's Office and Efficiency Office to enhance the collaborative effect.

4. A cyber-attack on a U.S. medical transcription service compromised the personal information of 8.95 million people.

On November 16, PJ&A submitted a report to the US Department of Health and Public Services, stating that they suffered a cyberattack in March this year, resulting in the personal information of over 8.95 million people being leaked. According to the report submitted by PJ&A, the leaked data includes patients' names, dates of birth, addresses, medical histories, hospital accounts, admission diagnoses, service dates and times, and some social security numbers, insurance, and clinical information such as laboratory and diagnostic test results, drugs, treatment facility names, and healthcare provider names. PJ&A began notifying affected patients on October 31, including one of PJ&A's clients, Northwell Health, the largest healthcare group in New York State.

5. MOVEit security vulnerability was exploited and data of more than 2,600 organizations was compromised.

On November 21, the Clop ransomware group from Russia exploited a security vulnerability in Progress Software's file transfer software, MOVEit, to steal data from organizations that use the software, including Avast, a malware protection company, and Welltok, a patient communication service provider. The number of affected organizations is increasing, with over 2,600 organizations and more than 7,700 people affected. Data leaked mainly includes names, contact information, and product purchase information, excluding high-risk data such as banking or login details.


Commenting has been turned off.
bottom of page