Nearly all Hong Kong companies vulnerable to identity, deepfake attacks, survey finds
- Out of 100 Hong Kong companies surveyed by CyberArk, 98 said they were victims of identity-related breaches, with AI an increasingly important contributor
Nearly every Hong Kong company in a new survey has been a victim of identity-related breaches such as phishing and deepfake attacks in the past year, according to a new report.
The 2024 Identity Security Threat Landscape Report, from Nasdaq-listed information security company CyberArk, showed that 98 out of 100 Hong Kong companies surveyed admitted to facing such breaches in their systems, compared with 93 per cent globally, underscoring the city’s ongoing vulnerability to such scams. CyberArk surveyed 2,400 companies in total, each with at least 500 employees.
Phishing attacks – including those that use deepfake technology to imitate a person’s voice, known as vishing – remained the most prevalent, with 96 per cent of surveyed Hong Kong companies saying they were victims of such attacks.
“Organisations in Hong Kong need to adopt a holistic cybersecurity strategy to secure both human and machine identities to effectively defend themselves against cyberattacks,” said Sandy Lau, CyberArk’s district manager for Hong Kong and Macau.
Lau said “inadequate security controls for machine identities” are one particular reason that identity-related threats are so prevalent. Machine identities include specific software and algorithms used for authentication. Usage of machine identities is expected to expand as companies use multiple cloud services that require third and fourth parties to have access to sensitive data, according to Lau.
