LCQ22: Enhancing cyber security and combating technology crimes
***************************************************************

     Following is a question by the Hon Wong Ting-kwong and a written reply by the Secretary for Security, Mr John Lee, in the Legislative Council today (November 22):

Question:

     A network security company has pointed out that the crimes of hackers breaking into computer systems, encrypting the data therein and then blackmailing the victims (hacker blackmailing) have become increasingly rampant.  The number of relevant requests for assistance received by the company in the last two years increased continuously: an increase of 50 per cent to 60 per cent in the Asian region and even a 100 per cent surge in Hong Kong; and the victims were mainly small and medium enterprises and personal computer users. In May this year, the Finance Committee of this Council gave funding approval for the creation of a post of Chief Superintendent of Police to lead the Cyber Security and Technology Crime Bureau (CSTCB) of the Police. Regarding combating crimes of hacker blackmailing, will the Government inform this Council:

(1) of the number of reports received by the Police in the past five years about enterprises being blackmailed by hackers and the total amount of money involved, with a tabulated breakdown by type of crime and type of enterprise;

(2) of the progress of CSTCB's work in investigating the crimes of hacker blackmailing; whether it has assessed if CSTCB can timely increase its manpower and upgrade the level of its technology and facilities to counter the increasingly sophisticated criminal techniques of hackers; if so, of the assessment outcome; of the number of such kind of cases detected by CSTCB since its establishment in 2015;

(3) whether new measures are in place to combat crimes of hackers breaking into the computer systems of enterprises; if so, of the details; if not, the reasons for that; and

(4) whether it has gained an understanding of how Hong Kong compares with overseas in terms of network security awareness among enterprises; if so, of the details; whether the authorities have put in place new measures to enhance network security awareness among enterprises and encourage them to strengthen network security; if so, of the details; in addition to the provision of technology vouchers, whether the authorities will strengthen the provision of relevant assistance to small and medium enterprises in order to guard against hacker blackmailing; if so, of the details; if not, the reasons for that?

Reply:

President,

(1) The figures on blackmail-related technology crimes maintained by the Police in the past five years are at Annex.

(2) The Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police Force (HKPF) has been striving to enhance and expand its capability in different areas, including detecting syndicated and highly sophisticated technology crimes; conducting timely cyber threat audits and analyses; as well as enhancing response capability against major cyber security incidents or massive cyber attacks and strengthening relevant thematic researches, etc.  

     With the rapid development of information technology, cyber security threats and technology crimes are becoming increasingly complicated. As such, whether in enhancing cyber security or combating technology crimes, governments and relevant law enforcement agencies around the world have to foster close liaison and cooperation with the law enforcement agencies and industry stakeholders in different regions, and enhance collaboration and exchange in respect of relevant knowledge, technology, experience and intelligence, so as to grasp timely the latest global cyber threat trends and enhance facilities and staff technical capability as necessary. CSTCB will continue to strengthen the partnership with local and overseas law enforcement agencies and industry stakeholders, as well as exchange intelligence to facilitate crime investigations.

     The Police do not maintain figures on the detection rate of crimes of hacker blackmailing (Note).

(3) and (4) Since its establishment, CSTCB has been actively collaborating with various government departments and industry stakeholders to strengthen the reliability of the information system networks of enterprises, as well as to enhance Hong Kong's capability to protect relevant information system networks and guard against cyber attacks. CSTCB also rolls out various types of projects from time to time to boost enterprises' awareness of cyber security. Examples include:

(i) Since 2014, CSTCB has conducted various types of cyber security drills with industry stakeholders to assess, through various simulated incident scenarios, participants' capabilities of incident analysis, the established incident response procedures and the operation of their communication protocols. The simulated cyber attack incidents cover the most common scenarios with far-reaching impact, such as distributed denial-of-service attacks, web defacement, intrusion of network and information systems, ransomware, malware and sensitive data leakage.

(ii) Since April 2016, CSTCB has hosted cyber security seminars on a quarterly basis to strengthen the overall defensive capabilities of Hong Kong enterprises in handling cyber security incidents. The seminars cover topics on all types of emerging cyber threats and invite cyber security experts to share on relevant counter-measures. Each of these seminars was attended by representatives from various sectors, including banking and financial services, transport and shipping services, communication services, public services and government services.  

(iii) In May 2016, the HKPF, the Hong Kong Monetary Authority and the Hong Kong Applied Science and Technology Research Institute co-organised the Cyber Security Summit 2016, which was a three-day event attended by supervisors of financial institutions, regulatory bodies and technology solution providers among its guests. The summit discussed the latest local and global trends of cyber attacks, and enhanced the awareness and preparedness of Hong Kong enterprises in response to cyber security incidents and hacker attacks.

(iv) In January 2017, the first Cyber Security Professionals Awards Scheme, jointly organised by the HKPF, the Government Computer Emergency Response Team Hong Kong under the Office of the Government Chief Information Officer and the Hong Kong Computer Emergency Response Team Coordination Centre under the Hong Kong Productivity Council, was launched. The Scheme aims to recognise individuals in the cyber security field for their excellence, innovation and leadership displayed in different professional areas, including creating and implementing innovative cyber security policy; managing the risk of cyber threats; identifying and responding to cyber incidents; and communicating cyber security value to other members of the organisations. The second Awards Scheme will be held in February 2018. 

     The Government will, via the Hong Kong Computer Emergency Response Team Coordination Centre, continue to provide local enterprises (including small and medium enterprises) and internet users with services relating to information security incident responses, security threat alerts, preventive guidelines and educational activities, so as to enhance their cyber security awareness and protect the network safety. 

(Note) The Police maintain the figures on the overall blackmailing cases, but not those on hacker blackmailing.

Ends/Wednesday, November 22, 2017
Issued at HKT 16:45
