In Hong Kong, another government agency was blackmailed by hackers, and it was reported that the Consumer Council had stolen the information of complainants and subscribers. Computer security researcher Lai Zhuodong pointed out that no information has been sold on the dark web for the time being, and believes that the Council should explain it as soon as possible, "I think that Cyberport is an isolated case, and it is a fluke attitude to 'eat peanuts'". He also pointed out that many statutory bodies in Hong Kong have not followed the Government's security guidelines and conduct penetration tests on a regular basis, which can easily become loopholes for hackers to attack.
There are many high-spec cloud platforms on the network that can store data, and Lai believes that organizations can adopt different storage methods according to the scale, even if they are stored on private servers, they should also set up security measures, and they can also use "terminal security" to detect suspected intrusions and intercept attacks.
Computer security researcher Lai Zhuodong. (Photo by Hong Yeming)
Computer security researcher Lai Zhuodong said that as of 5:22 p.m., the "dark web" has not seen any leaked information related to the sale of the Council, and it is unknown what hacker organization it belongs to, but believes that after the news comes out, the Council has the responsibility to respond as soon as possible and explain to the public, rather than waiting for tomorrow (<>nd) to hold a press conference.
According to the Council's website, the system failed on 9 September. (Screenshot of the Council's website)
Call on institutions not to take chances to "eat peanuts"
He questioned that many statutory bodies in Hong Kong have not followed the Government's security guidelines and conducted regular penetration tests, "I think that Cyberport is an isolated incident, and the attitude of 'eating peanuts' should be based on the incident to see if they have the same vulnerabilities, otherwise the organisations with the same loopholes will hack and set fire to the serial ship."
At present, there are many high-specification cloud platforms on the network, such as the more well-known "Oracle" and other platforms, Lai Zhuodong believes that different organizations can use different ways to save data depending on their scale, taking the Council as an example, although it is unknown how to process data, but even if it is stored on a private server, as long as security measures such as two-factor authentication are done, and general antivirus software may not be able to detect ransomware, it is recommended to use "end point security". It can detect suspicious activities in the system and block attacks.
The Consumer Council's data breach has been carried out to inform affected persons that the Consumer Council has been hacked and stolen for extortion Leaked complainant and subscriber information or Emperor Wanzong|Lack of transparency in compensation for delayed or damaged baggage Check out six tips in this article