Hong Kong braces itself for an upgraded cyber-attack protection in 2014
By Sudeep CharlesAccording to Google’s “Our Mobile Planet research”, Hong Kong leads Asia Pacific in mobile Internet usage: 96% of the smartphone users in Hong Kong use mobile Internet service on a daily basis.
Smartphones have transformed consumer behavior as the survey results also show that 89% of the smartphone users in Hong Kong conduct research on products or services. Mobile market in Hong Kong is highlighted as one of the key areas ripe for investors to dig into, especially for enterprises wanting to catch a ride on the emerging trend of mobile technology and infrastructure development.
With the huge business opportunities that mobility has the potential to create, enterprises should be take note of the risks associated with the adoption of new technology so as to not incur losses in the process.
In our State of the Internet report, we observed attack traffic originating from source IP addresses in 175 unique countries/regions and ranked China second with 33% of the total observed traffic originated from it, while Indonesia is ranked first with 38%.
Due to the close relationship between Hong Kong and China, as well as the online retail industry becoming increasingly connected, Hong Kong is, and will continue to be, at the forefront of the defense against potential attacks for years to come. Insights gleaned from the report show that attackers occasionally target specific sectors. DDoS attacks have spiked in the second quarter of 2013.
At 134 reported attacks, the Enterprise sector continued to be the leading target of DDoS attacks, followed by Commerce (91), Media and Entertainment (53), High Tech (23) and Public Sector (17).
Shifting the focus to Enterprise and Commerce sectors, according to Trustwave’s 2013 Global Security Report, the retail commerce industry had been the top industry target of cybercriminals in 2012 because of the large number of customer records it stores in each retailer’s systems.
As an alarming concern for the enterprises, the attacks can incur enormous financial losses and affect business productivity, or may even damage a brand’s value and reputation. Enterprises will lose consumers’ confidence if their system is being compromised even just for one time.
With the sophistication of hacking tools and the increasing network speeds of users from services like optic fiber broadband, defense against such attacks is becoming progressively harder and costlier.
Internet traffic and online transactions usually peak in periods such as the Christmas season and Chinese New Year as they are usually filled with promotions. In Hong Kong, 43% of smartphone users have made purchases with their phones and 62% of them make a purchase via smartphones once a month.
Which begs the question – how do enterprises, especially the eCommerce sector, grab the business opportunity riding on the growth of mobile Internet adoption during the holidays while safeguarding their businesses from attacks?
The solution for both Enterprise and Commerce sectors is managed web security that covers a full spectrum of services including: preparation – development of readiness plans and response protocols; mitigation – proactive protection against attacks before they affect clients' networks; monitoring – provision of tools for network traffic monitoring, DDoS alerts, and the real-time health of IT resources; response – service from trained response experts on standby to assist with containment, eradication, recovery and identification of primary and secondary attacks; and intelligence – delivery of insights regarding Internet threat conditions and provision of real-time attack metrics.
The first step a company should take to achieve complete Internet security is to ensure one has what we refer to as an in-depth defense solution. Companies should have a comprehensive, multi-layered security solution to protect themselves from sophisticated attacks.
The second step will be to protect one’s origin. Multi-layered security itself is no longer sufficient as a defense, as hackers are now adept enough to hack through several levels of security.
Enlisting the help of professionals for the defense at the network edge is one way to protect one’s origin, so consumers can shop on the Web or app anytime and anywhere worry-free.
The last step will be to protect oneself from application level attacks. Expecting companies to have a 100% bug-free, vulnerability-free application is not feasible.
Companies should make every effort to fix bugs and security loopholes. However, having a solution in place to detect attacks is also important. Upon identification of an attack, there should be a well-defined security solution to run book-and-process to mitigate the damage.
To get along with this fast-moving hyperconnected world, both the Enterprise and Commerce sectors, as well as all businesses around the world, need an always-on cloud-based Web security solution designed to protect a company’s most critical online business functions against attacks. These attacks can result in millions of dollars in lost transactions and business productivity each year, and even deal great harm to brand value and reputation.
The solution should be able to offer highly flexible and scalable protection without hindering performance. For the sectors to pay out of their own pockets for solution management is difficult and costly, thus, focusing on partnering with a provider for a complete security solution is the best option.