2020 Review & 2021 Outlook of Cybersecurity Issues in Hong Kong

“The wide adoption of information technology (“IT”) can bring convenience to the public and improve quality of living. At the same time, the risks of the public, enterprises and the community being hacked have increased correspondingly…

For Hong Kong to become a secure smart city, the Government, different sectors of the community and the general public must have knowledge of cyber risks so as to become more vigilant and take appropriate measures to protect their information systems and data assets, with a view to continuously improving the  defence and response capability of the society as a whole.”

—Office of the Government Chief Information Officer (HK), circa January 2020


Whilst most people will remember 2020 as the year of lockdowns, the other face of 2020 is the great migration of humanity into the digital realm. Social distancing measures implemented to combat COVID-19 has caused many ordinary citizens (many of whom were not previously digitally attuned) to move their daily lives online. When face to face visits by grandparents are no longer possible, people resort to telecommunications as the next best alternative.

Whilst digital adaptation by the entire world can be seen as a leap forward, it has also highlighted the fact that the internet can still be a treacherous place.


According to statistics provided by the Hong Kong Computer Emergency Response Team Coordination Centre (“HKCERT”), it has been observed that there has been a sharp rise in the number of Defacement and Phishing attacks in 2020. Computers being infected by malicious software which will hijack the infected device into a Botnet is also on the rise. The risk posed by major forms of attacks elaborated as follows:

  1. Botnet Attacks: Computers may be hijacked/conscripted by cybercriminals into conducting illegal activities. This may in turn causes illicit activity to be traced onto an unknowing victim’s device.
  2. Phishing Attacks: One of the biggest trend in 2020 is the increased number of phishing/spoofing attacks. With disguised emails/unauthorized recipient renames, victims may be lured into disclosing credential, confidential information and more. Reputation damage and data loss (e.g. privileged data) may be substantial.
  3. Malware Attacks: Notable ransomwares, trojan horse, etc. In 2020, we have seen the first cases of cybersecurity manslaughter resulting in death occurring. Attacks manifested physically as cybercriminals were able to hijack devices worn by users resulting in physical lockups. Gone are the days when ransomware attacks are only within the realm of the digital.
  4. Defacement Attacks: These are intentional attacks (non-virus) where hackers intrude and alter information on legitimate sites/storage sites. Original content may as a result be lost with other information/data contaminated/corrupted.


As rightly pointed out by Hong Kong’s Chief Information Officer, whilst technology are meant to bring about convenience for the greater public, each advancement, if the technology is not rolled out in a quality manner, may give rise to risks. Here are a few of the major 2021 cybersecurity predictions that the greater public should pay attention towards:

  1. Dawn of the 5G Technology: Whilst 2020 saw 5G tech being at the forefront of diplomatic jousting between the United States and China, 5G tech is nevertheless becoming reality in everyday lives in 2021. Whilst this new technological breakthrough is likely to bring a never before seen level of digital convenience, 5G enabled swarm attacks, which requires the integration of multiple hijacked devices (see Botnet above) will mean that more efficient method of attacks will now finally be possible (greater network connectivity, intelligence from multiple devices, etc.) Swarm technologies require large amounts of processing power to enable individual Swarm-bots to act and the proliferation of 5G tech will enable just that.
  2. Exposed Application Programming Interface (“API”) Attacks: As mentioned above, 2020 saw the world’s first cybersecurity manslaughter case as well as hackers being able to lockup victims physically when they were able to exploit vulnerabilities in internet-connected accessories. Users who were caught wearing such device at the time of attack have been reported to suffer physical harm/scars. With APIs becoming ever more prominent in everyday devices, attacks are soaring. Developers are therefore reminded to secure their API less their client may suffer physical as well as digital damages.
  3. Remote Learning/Hearings Attack: As the first school took their classes online, the first casualty was already reported. Weak endpoints from users at home (who might not have implemented the best network security) will mean that hackers will have the opportunity to exploit vulnerabilities. The increased use of home devices for official matters will also mean that hackers can exploit legacy endpoints.
  4. Insider Attacks: With the ever-increasing number of ‘work from home’ (“WFH”) arrangements, in the absence of proper data control (as well as an insecure job market) as well as weak home network management (as indicated above), insider threats (both intentional and unintentional) are on the rise. Having a proper IT governance policy will be essential for companies in the days to come.


All in all, it can be easily concluded that the move to remote working environment can be seen as both a great boon for humanity as well as a wakeup call for many. Therefore, always remember:

  1. Secure ALL networks:  be it offsite or onsite, it is crucial for companies to assist their employees with implementing adequate cybersecurity so as to enable undisrupted workflow in this new era. Cybersecurity contingency plans are also essential. Whist office network can be secured in a centralized manner, WFH policies is a game-changer that companies must tackle.
  2. Secure ALL devices: many attacks both observed in 2020 and 2021 is the result of lapse by everyday users as they move remote. Home devices and other equipment must be brought up to company standard as time goes by.
  3. Educate ALL staff: of all the cyberattacks observed above, the weakest link is still the human mind. As rightly noted by Hong Kong’s Chief Information Officer: “the general public must have knowledge of cyber risks so as to become more vigilant and take appropriate measures to protect their information systems and data assets, with a view to continuously improving the defence and response capability of the society as a whole.”





Ravenscroft & Schmierer 合夥人