430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Hong Kong brokers blackmailed by hackers with DDoS Attacks

The Hong Kong Securities and Futures Commission revealed some brokerage websites have been hit by DDoS attacks and blackmailed by crooks. The Hong Kong’s SFC (Securities and Futures Commission) confirmed several brokers in the city has suffered DDoS attacks and were blackmailed by hackers. “We are alerted by the Police that some securities brokers have […]

Hong Kong brokers blackmailed by hackers with DDoS Attacks

The Hong Kong Securities and Futures Commission revealed some brokerage websites have been hit by DDoS attacks and blackmailed by crooks.

The Hong Kong’s SFC (Securities and Futures Commission) confirmed several brokers in the city has suffered DDoS attacks and were blackmailed by hackers.

We are alerted by the Police that some securities brokers have recently encountered distributed denial of service (“DDoS”) attacks targeting their websites and received blackmails from criminals.” reads a notice issued by the SFC. “The DDoS attacks have caused service disruption to the brokers for a short period.  It is possible that similar cybersecurity incidents would be observed across the securities industry. “

The Hong Kong’s securities regulator also warned of possible further incidents across the industry.

The regulators in the country have spent a significant effort over the past year to fight cyber threats. According to a survey conducted in November 2016, the average number of cyber attacks detected by businesses in China and Hong Kong grew at 969 percent between 2014 and 2016.

“In a circular to licensed firms late on Thursday, the Securities and Futures Commission (SFC) said it had been informed by the Hong Kong police that brokers had encountered so-called “distributed denial of service” (DDoS) attacks targeting their websites and received blackmails from criminals.” reported the Reuters agency.

The SFC urged companies in the financial center to adopt protective measures, such as DDoS mitigation plans.

“Network architecture, computer servers and network devices should be properly designed and configured to mitigate the risk of advanced and persistent cybersecurity attacks,” SFC said.

SFC urged brokers should configure their servers to avoid ‘reflective amplification’ DDoS attacks.

“Licensed corporations are expected to take immediate actions (including seeking advice from external contracted vendors if they do not possess such expertise and/or resources in-house) to critically review and assess the effectiveness of their cybersecurity controls in place,” SFC added.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Hong Kong, DDoS)