Last year, Hong Kong’s police force obtained over 440,000 items of information related to cyber threats aimed at the region. Meanwhile, according to an unprecedented assessment, 5 percent of openly available technological resources controlled by key infrastructure providers were susceptible to internet-based assaults.
The police issued a report on Monday stating that out of 90,000 technological assets evaluated, which included digital elements like IP addresses and online domains, approximately 4,500 exhibited systemic vulnerabilities after testing.
"Unless these vulnerabilities are identified and addressed, cyberattacks could potentially disrupt crucial services in Hong Kong and impact the daily use experienced by residents," cautioned Raymond Lam Cheuk-ho, chief superintendent of the cybersecurity and technology crime bureau.
Are you curious about the most significant issues and global trends? Find out here. SCMP Knowledge Our updated platform features handpicked content including explainer articles, FAQ sections, detailed analyses, and informative infographics, all provided by our esteemed award-winning team.
In March, Hong Kong enacted a legislation requiring unspecified private entities operating within eight key sectors identified as crucial infrastructure essential for societal functionality to perform routine cybersecurity assessments on their IT systems.
The sectors included energy, information technology, banking, communications, maritime and healthcare services, as well as land and air transportation.
According to the legislation, companies may face fines of up to HK$5 million (approximately US$637,685) if they fail to maintain updated systems. Additionally, regulated entities are required to inform regulators within 12 hours of experiencing a cyber security incident.
The testing conducted by the force revealed that out of the 4,500 asset vulnerabilities identified, approximately 11% were deemed critically risky or highly risky, whereas the remaining 89% posed only moderate to minimal risks.
Carmen Leung Oi-lam, who holds the position of senior superintendent for cybersecurity, forensics, and training, highlighted that out of all the assessed assets, 495 were found to be critically or highly vulnerable due to exposed employee logins, inactive subdomains susceptible to hacker takeover, or cloud services accessible from outside networks.
"These vulnerabilities have been categorized as critical or high risk because they could lead to significant operational disruptions when exploited by cyber attackers," Lam stated.
Medium to low-risk assets exhibited various vulnerabilities including being flagged on blacklistings of their mail servers due to potential security breaches, encountering issues with cybersecurity certificates, exposing sensitive internal systems via publicly accessible web pages, and displaying other security deficiencies.
Leung mentioned that the firms implicated had already begun addressing and rectifying the identified gaps following the investigation.
Chief Superintendent Lam stated that the primary industries targeted by cyberattacks included banking and finance, telecommunications, and governmental bodies; however, he did not specify which particular entities within these sectors were most susceptible to systemic vulnerabilities.
The agency has disclosed that it managed over 25 million items of intelligence related to possible cyber threats in the previous year, which included more than 440,000 leads focused particularly on dangers aimed at Hong Kong.
Superintendent Baron Chan Shun-ching of the Bureau stated that this intelligence primarily indicated potential risks that could be prevented beforehand, as opposed to incidents that had already occurred. The agency disseminated these details to pertinent entities in an effort to thwart significant cybercrimes within the region.
Out of the threats aimed at Hong Kong, 65 percent consisted of phishing emails or messages that directed recipients to malware or provided access to confidential login details, facilitating subsequent assaults.
The second most frequent menace came from botnets, accounting for 17 percent of all urban-focused threats. Botnets consist of networks of compromised gadgets infiltrated by malware capable of executing extensive harmful operations like sending spam or launching distributed denial-of-service assaults that flood computer systems with an overwhelming amount of traffic.

The superintendent stated that firms in Hong Kong faced similar issues after being targeted in cyberspace, including inadequate surveillance of remotely accessible computer systems, employing out-of-date or expired security programs, or having no established protocol for responding to cyber threats.
Chan mentioned that this issue emerged in 2020 as numerous companies permitted their staff to telecommute due to the Covid-19 pandemic.
The force discovered an increase in hacking incidents within the city, with reported losses escalating dramatically over the last two years.
During the initial quarter of this year, authorities documented 14 instances of hacking, marking a rise of 7.7 percent compared to the corresponding timeframe in the previous year. For the entirety of 2024, law enforcement registered 61 cases of hacking—an increase of 64.9 percent from the 37 incidents reported in 2023.
In the initial quarter of this year, the sum lost as a result of hacking amounted to HK$12.5 million, marking over a twelvefold increase compared to approximately HK$1 million during the corresponding timeframe of the previous year.
The yearly losses due to hacking in 2024 skyrocketed tenfold to HK$25.5 million, compared to HK$2.3 million the previous year.
"Every assault could lead to severe outcomes like interrupted services and information breaches. This might tarnish a firm’s standing, hence the potential hazards should not be dismissed," cautioned Senior Superintendent Leung.
In the initial quarter of this year, the biggest case involved a financial services firm. An employee noticed in March that HK$4.9 million was moved out through questionable client transactions, leading to the uncovering of a hacking plot following calls made to law enforcement by the employees.
More Articles from SCMP
Police drone usage in Hong Kong is seen positively provided that appropriate safety measures are implemented.
What prompted a photographer to capture images of all the basketball courts in Hong Kong?
"Not just chess pieces" in great-power competition: ASEAN asserts its role at the Shangri-La Dialogue
As Malaysia’s Huawei chip storm shows, sovereign AI is a fraught pursuit
The article initially appeared on the South ChinaMorning Post (www.scmp.com), which serves as the premier source for news coverage of China andAsia.
Copyright © 2025. South China Morning Post Publishers Ltd. All rights reserved.
Post a Comment