Newsletter Subscribe

Enter your email address below and subscribe to our newsletter

Public and Organizations Urged to Boost Cyber Resilience

Share your love

The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) has identified that criminals are exploiting public awareness and reactions to the recent CrowdStrike software update failure to deploy various attack tactics. These attacks, including phishing and malware campaigns, continue to evolve and expand.

Reports

HKCERT has observed that threat actors are using the CrowdStrike incident as a pretext for phishing attacks. They are sending fraudulent emails and creating fake websites that impersonate CrowdStrike officials, offering bogus software updates and recovery manuals that actually deliver malware. These malicious files can lead to data leakage, system crashes, and data loss. For individuals and organizations, this can also result in personal data exposure, reputational damage, and financial loss.

What to do

For corporates and organisations, the following best practices are recommended to be adopted to maintain secure and resilient IT environment, and to minimise the impact from similar event happening in the future:

  • Adopt vendor management and build transparency with vendors, and stay vigilant to supply chain attacks
  • When possible, avoid solely rely on single technology, solution and vendor to minimise single point of failure
  • Apply security risk assessment on IT systems and applications, evaluate the impact of third-party risks on both operating system and application level
  • Apply change management and configuration management to IT systems and applications, include application testing and verification in deployment steps and prepare a fallback plan prior proceeding patch update
  • Develop Business Continuity Plan (BCP) to main the business in case of an incident occurred and affected the business’s IT environment
  • Arrange and perform incident response and disaster recovery drill regularly to verify the effectiveness of BCP
  • Develop incident response plan to IT systems and applications, referring to HKCERT’s “Incident Response Guideline for SMEs
  • Review application software privilege in IT systems periodically.  Maintain least privileges practices to minimise the impact of application software failure

Source: HKCERT

Share your love

Related Posts

Tendance actuelle

AVEVA Announces New Capabilities to Embed AI across Industrial Organizations & Data Infrastructure
5 Ways Digital Dentistry is Transforming South African Practices
Using AI to Anticipate Healthcare Air Quality Risks
Kaspersky Spots Rising Scam Activity around the 2026 World Cup

Stay informed and not overwhelmed, subscribe now!