-
- The regular penetration test conducted by HKIB did not cover network infrastructure and defence capabilities against specific cyberattack;
- The antivirus software installed in its system only had basic protection capabilities and could not effectively defend against ransomware attacks;
- Data loss prevention system was not installed in the system to detect and prevent sensitive data from being stored in external storage devices, or transmitted to external parties through email systems or the internet;
- Passwords strength of some accounts in the system was insufficient and the passwords were not changed regularly, which made the relevant accounts vulnerable to attacks or intrusions by hackers; and
- Other deficiencies[1] in information security.
- Prolonged Implementation of Multi-factor Authentication: Back in May 2019, the Firewall manufacturer noted that attackers could bypass security restrictions and directly obtain SSL VPN account names and passwords to execute any programme in the target system through exploiting the Vulnerability. The Firewall manufacturer therefore urged users to immediately disable SSL VPN until the operating system was updated and all account passwords were reset. It also recommended that multi-factor authentication be enabled.
-
- ↑ The details have been omitted to protect sensitive information on the security of the relevant information systems.
7