Cyberattacks skyrocket in China
Xinhua, December 8, 2015 Adjust font size:
Companies on the Chinese mainland and in Hong Kong are waging a serious war against cybercriminals, according to a survey published Tuesday.
The average number of detected security incidents in the Chinese mainland and Hong Kong surged 517 percent to hit 1,245 over the last 12 months, compared with the average of 241 recorded the previous year, according to the latest PricewaterhouseCoopers (PwC) Global State of Information Security Survey.
The average financial loss caused by cybercrimes in the region rose 10 percent year on year to 2.63 million U.S. dollars, compared with a 5 percent decline globally.
"We are witnessing attacks from all angles, but the industries facing the most impact include consumer, retail, and technology," said Samuel Sinn, PwC China Cyber Security Service Partner.
Specifically, hackers targeted customer data, internal records and intellectual property. Survey participants reported a 64% rise in security incidents that compromised customer records, much steeper than the global average increase of 35%.
Many threats came from inside. Exactly half of all detected security incidents were caused by current or former employees, the survey showed.
The Chinese mainland and Hong Kong have seen a chain of high-profile cyberattacks this year. Most recently, Hong Kong-based toymaker VTech was hacked, compromising personal information for more than 6 million children.
In September, many popular Chinese iOS apps were found infected with malicious software, highlighting vulnerability in Apple's mobile platform.
Companies have been reacting to the rise in cybercrime by investing more in security. The survey found 16% more funds were being invested into information security budgets in 2015 than a year ago. Security spending in the Chinese mainland and Hong Kong averaged 7.9 million U.S. dollars, surpassing the global average of 5.1 million U.S. dollars.
But companies are still not prepared for security risks that accompany the latest technology, such as the Internet of Things (IoT). Only 44% surveyed companies said they had a security strategy in place for the IoT.
"Companies must continue evolving their security strategies to stay prepared for ever-growing cyber risks. This should include implementing a robust control cycle to continuously identify new insider threats and improve security controls," Sinn said.
The survey was conducted online between May and June this year and is based on responses from more than 10,000 company executives in 127 countries. Over 330 companies from the Chinese mainland and Hong Kong responded. Endi