Cybercrime losses surge tenfold in first seven months, despite fewer cases

Financial losses from network intrusion crimes in Hong Kong skyrocketed to HK$39.4 million in the first seven months of this year, a tenfold increase compared to the same period in 2023, despite a 35 percent drop in the number of incidents, police data revealed on Friday.

The sharp rise in losses, against a backdrop of only 24 recorded cases, indicates that cybercriminals are increasingly focusing on high-value targets, according to police.

In a separate but related effort, the Cyber Security and Technology Crime Bureau (CSTCB) reported that its operation from January to September successfully neutralized over 39,000 cyber threats.

Evolving ransomware tactics

The trend of targeting high-value entities was exemplified by a single major incident in June, where a financial company lost approximately HK$26 million after hackers transferred 300 units of stablecoin and other cryptocurrencies.

This one case accounted for about two-thirds of the total financial losses from network intrusions.

Superintendent Hui Yee-wei of the CSTCB strongly advised against paying ransoms, a practice she said only encourages further criminal activity.

She warned that hackers now commonly engage in "double extortion," where even after a ransom is paid, stolen data is often still leaked or sold on other platforms.

Broader tech crime landscape and public advisory

Beyond network intrusions, Hong Kong recorded 19,080 technology crime cases in the first seven months, a slight decrease of 0.9 percent year-on-year.

However, total losses from these crimes, which include online shopping, job-seeking, and investment scams, rose by 18 percent to HK$3.639 billion.

The single largest loss involved a retiree who was defrauded of HK$30 million after being lured into downloading a malicious application following initial contact on Facebook.

To enhance personal cybersecurity, Senior Inspector Tsui Yiu-chung from the CSTCB recommended that the public regularly update all systems and software, promptly install security patches, and conduct periodic vulnerability scans to identify and fix security risks before they can be exploited by attackers.

The police's operation also involved collaborating with 89 internet service providers to clean up more than 39,000 cyber threats and repair over 38,000 computers and servers with security vulnerabilities.

Of the threats neutralized, 34,556 were phishing websites, nearly half of which impersonated government agencies, social media platforms, securities firms, and hotels, the force added.