Cyber attack on a body for the promotion of art in Hong Kong 

Cybersafetyconnections May, 13, 2024 vol#168 

Cyber attack on a body for the promotion of art in Hong Kong 

Cybersafetyconnections May, 13, 2024 vol#168 

• From konbriefing Hong Kong Arts Development Council (HKADC) suffers cybersecurity incident. 

• The grant applicants, HKADC and staff of HKADC may have had their data compromised. 

• It is possible the poor security posture of computer networks and system may have given room for the data breach. 

• No cybercriminal group had taken responsibility for the cyberattack. 

• HKADC took steps to mitigate possible loss from the cyberattack. 

What happened? 

hkadc..org.hk 

Hong Kong Arts Development Council (HKADC) suffers cybersecurity incident as reported by Thestandard.com.hk.  The council has stated that the breach caused some operational disruptions, but no data leakage or misuse has been detected yet. 

Who was impacted? 

Royalty Free Grant Photo 

Possibly applicants of different grant schemes. 

Why did it happen? 

The cybersecurity incident may have been due to poor security posture of computer networks and systems. 

Which cybercriminal Group was responsible for the cyber incident? 

Cybercrime Inages on Freepik 

No cybercriminal group has taken responsibility for the cyberattack. 

How had has HKADC mitigated loss from the cyberattack? 

OWASP Threat and Safeguard Matrix 

In response to the cyber accident: 

• The council activated its emergency response system to prevent further intrusion and appointed cyber security experts to conduct a thorough system inspection and recovery. 

•  HKADC reported the case to the Office of the Privacy Commissioner for Personal Data and the police, and also informed the Culture, Sports and Tourism Bureau of the incident. 

•  The council has emphasized that it attaches great importance to cyber security and personal data privacy, and has taken immediate measures, such as reviewing and strengthening the security of computer networks and systems and revisiting the daily operation process of staff members. 

Here is what Copilot had to say about prevent cyberattacks. 

Certainly! Preventing cyber attacks is crucial for organizations. Here are some effective strategies: 

1. Train Your Staff: Educate employees about cyber threats. Teach them to check links before clicking, verify email addresses, and use common sense when handling sensitive information¹. 

2. Keep Software Updated: Regularly update software and systems to patch vulnerabilities. Consider using a patch management system to automate updates¹. 

3. Endpoint Protection: Implement endpoint protection to safeguard remote devices connected to your network¹. 

4. Limit Personal Information Sharing: Be cautious online. Limit personal information shared, adjust privacy settings, and avoid location features². 

5. Strong Passwords and MFA: Encourage strong passwords and use multifactor authentication (MFA) to enhance security³. 

6. Firewalls: Install firewalls to prevent various attacks, including backdoors and denial-of-service attacks⁴. 

7. Data Backup: Regularly back up data to a secure location to mitigate the impact of breaches⁴. 

8. Encryption: Encrypt sensitive data to protect it from unauthorized access⁴. 

9. Security Software and VPNs: Invest in cybersecurity software and use virtual private networks (VPNs) to keep data private⁵. 

10. Stay Informed: Stay updated on common attack methods and emerging threats⁵. 

Conclusion 

Remember, a proactive approach is essential to prevent cyber attacks and protect your organization’s data! 🛡️💻🔒¹⁴²³⁵