Solution in Response to Cyber Attacks
Cyber attacks and threats are hard for businesses and corporations to prevent, and these incidents occur frequently as technology and innovation advance rapidly. Generally speaking, cyber attacks often fall into the following categories: exploiting system vulnerabilities to steal information by setting up a backdoor and bypassing normal authentication; brute force attacks, which use various trial-and-error methods to obtain a user's password or personal identification number (PIN) in order to break into the server network remotely; and phishing attacks, which send phishing emails with malicious attachments or links that contain malware, such as Trojans, viruses and ransomware. Once a computer is infected, it can possibly infect all other computers within the same network, stealing confidential information through the backdoor created, encrypting files for ransom or simply locking down the whole system.
A listed travel agency in Hong Kong was hacked in November 2017, and approximately two hundred thousand clients were affected by this incident. Sensitive data such as personal information, credit card information and passport numbers were either stolen or encrypted by advanced ransomware, which used a technique called cryptoviral extortion to make the victim's files inaccessible. Attackers demand a ransom payment in Bitcoin in exchange for the decryption key. A Bitcoin payment, like those of other cryptocurrencies, is a peer-to-peer transaction directly between the sender and the receiver. These transactions are then verified by the blockchain network nodes, which makes it hard to trace the real identity of the receiver. Since the trading of cryptocurrencies is not under any regulatory restrictions, prosecuting the perpetrators is difficult. This makes it the best currency for anonymous illegal trading.
The risk of encountering ransomware increases when an operating system is outdated and a user accidentally downloads and opens an attachment from an insecure source. If a corporate computer is infected by ransomware, the user should take the following actions to reduce the risk of the malware spreading widely within the network: (1) Unplug the power supply and any network connections at once, to keep the malware from spreading within the internal network and infecting more workstations and servers; (2) Notify the IT department immediately, and seek professionals to identify the vulnerability and plan a recovery scheme; (3) Preserve the infected hard disk for future investigation and recovery testing; (4) Do not pay the ransom, as there is no guarantee that the infected files will be recovered after such payment. Paying may also lead the aggressor to mark the corporation for repeated blackmail attacks. Giving in to the attackers' demands also gives them the impetus to continue perpetrating further attacks on more victims.
The results of a joint survey conducted by Deloitte China and The Association of Chartered Certified Accountants show that, after a successful cyber attack, a corporation needed an average of 32 days to recover its systems and files from backup, with an average of 1 million US dollars spent on each recovery. The report also stated that 60% of the corporations did not provide sufficient network security awareness training for their employees. Increasing employees' awareness of such attacks can also indirectly prevent a successful cyber attack.
In information security practice, regular backups help recover important data and files rapidly after a cyber attack, which also reduces the impact of the security incident on the corporation. Applying patches regularly, enabling the firewall and using anti-virus software to scan for potential risks within a computer can also prevent such cyber attacks. Employees should stay alert and only open links in an email when they come from secure sources. After all, having a good sense of how to prevent a cyber attack is the most effective way to protect corporate information assets.