Hong Kong brokers blackmailed by hackers with DDoS Attacks

The Hong Kong Securities and Futures Commission revealed some brokerage websites have been hit by DDoS attacks and blackmailed by crooks.

The Hong Kong’s SFC (Securities and Futures Commission) confirmed several brokers in the city has suffered DDoS attacks and were blackmailed by hackers.

We are alerted by the Police that some securities brokers have recently encountered distributed denial of service (“DDoS”) attacks targeting their websites and received blackmails from criminals.” reads a notice issued by the SFC. “The DDoS attacks have caused service disruption to the brokers for a short period.  It is possible that similar cybersecurity incidents would be observed across the securities industry. “

The Hong Kong’s securities regulator also warned of possible further incidents across the industry.

The regulators in the country have spent a significant effort over the past year to fight cyber threats. According to a survey conducted in November 2016, the average number of cyber attacks detected by businesses in China and Hong Kong grew at 969 percent between 2014 and 2016.

“In a circular to licensed firms late on Thursday, the Securities and Futures Commission (SFC) said it had been informed by the Hong Kong police that brokers had encountered so-called “distributed denial of service” (DDoS) attacks targeting their websites and received blackmails from criminals.” reported the Reuters agency.

The SFC urged companies in the financial center to adopt protective measures, such as DDoS mitigation plans.

“Network architecture, computer servers and network devices should be properly designed and configured to mitigate the risk of advanced and persistent cybersecurity attacks,” SFC said.

SFC urged brokers should configure their servers to avoid ‘reflective amplification’ DDoS attacks.

“Licensed corporations are expected to take immediate actions (including seeking advice from external contracted vendors if they do not possess such expertise and/or resources in-house) to critically review and assess the effectiveness of their cybersecurity controls in place,” SFC added.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Hong Kong, DDoS)

Pierluigi Paganini: Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

This website uses cookies.