Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Hong Kong to tighten cyber security rules after broker hacks

Reprints
Hong Kong to tighten cyber security rules after broker hacks

(Reuters) — Hong Kong plans to toughen information security rules after a series of embarrassing hacks at the city's brokers, the securities regulator said on Thursday.

The draft rules would likely include requirements for two-step authentication for account log-in and for brokers to notify clients when a transaction had been made, a Hong Kong Securities and Futures Commission spokesman said.

The SFC would publish a consultation on the draft rules during the second quarter.

The rule changes would be made to the SFC Code of Conduct, meaning they would not need to be passed into legislation.

Hong Kong police have struggled to deal with digital pump-and-dump schemes targeting brokerages — a little-known type of computer-generated fraud that surged in the Chinese territory last year.

Although the money involved has so far been small — only about $20 million worth of shares — there were 81 such incidents reported in 2016, more than triple the number in 2015, according to police.

In the scheme, criminals invest in thinly traded penny stocks and then manipulate their share prices by ordering trades from hacked brokerage accounts. They earn profits by selling before the fraudulent trades are reported.

Hong Kong has been a favored place for such attacks because of the number of thinly traded penny stocks in the territory and because its securities industry has fallen behind other financial centers in defending against cyber fraud, Reuters reported in February.

At least seven brokers and eight banks have been targeted in Hong Kong, including HSBC Holdings P.L.C. and Bank of China International Securities, Reuters reported, citing sources.

One investigator said there had been a new spurt of such attacks in 2017, and that banks and brokers were unable to identify the culprits.

Authorities believe that hackers accessed brokerage accounts using stolen or guessed passwords, according to investigators.

Read Next

  • Hong Kong insurers to face significant regulatory challenges

    Hong Kong-based law firm Oldham, Li & Nie said that the region's insurance industry will face significant challenges in adjusting to a new regulatory landscape, including enhanced requirements for independent non-executive directors, Asia Insurance Review reports. The Office of the Commissioner of Insurance revised its Guidance Note on the Corporate Governance of Authorized Insurers to incorporate high level standards that are updated and adopted internationally.  The new rules take effect Jan. 1, 2017.