South China Morning Post
Advertisement
Advertisement
Hong Kong economy
Get more with myNEWS
A personalised news feed of stories that matter to you
Learn more
Government departments have also suffered high-profile data breaches recently. Photo: Shutterstock
Hong KongHong Kong economy

Hong Kong must reform corporate culture, step up data security to avoid harm to I&T hub ambitions after cyberattacks, industry veterans say

  • Specialists ramp up warnings after spate of cyberattacks, with latest hacks hitting jewellery chain Luk Fook Holdings and Hong Kong College of Technology
  • One expert says breaches ‘might affect investors who planned to set up offices in Hong Kong’, as city must meet needs of Greater Bay Area partners to become I&T hub
Hong Kong economy
Ng Kang-chung
Jeffie Lam
Ng Kang-chungandJeffie Lam
Why you can trust SCMP
Hong Kong must reform its corporate culture and step up data security measures to avoid jeopardising its innovation and technology (I&T) hub ambitions after a recent string of cyberattacks, industry veterans have said.
The specialists ramped up their warnings after jewellery chain Luk Fook Holdings said on Friday it was verifying claims a hacker accessed the records of 5 million customers and was seeking a ransom of more than HK$190,000 (US$24,310) in cryptocurrency.

Just a day earlier, the Hong Kong College of Technology also said it was hit by a “highly targeted and unusual cyberattack” in February which leaked personal information concerning about 8,100 students. A ransomware group was believed to have stolen 450GB of data and shared the information on the dark web earlier this week.

IT industry veteran Joseph Leung Wai-fung urged companies to revamp their corporate culture and pay more attention to cybersecurity.

“[The senior management of organisations] have not put this topic as a high priority. Thus they have not provided adequate resources,” said Leung, a lecturer at Polytechnic University’s school of professional education and executive development.

He also said the recent hacks could damage the city’s image as it planned to develop into an I&T hub in the Greater Bay Area, Beijing’s ambitious plan to transform Hong Kong, Macau and nine mainland Chinese cities into an integrated hi-tech, economic powerhouse by 2035.

“This might affect investors who planned to set up offices in Hong Kong. They might think Hong Kong does not have enough qualified IT security experts or that it does not take a serious attitude towards data privacy,” Leung said.

The incidents could also affect overseas customers’ purchases of products or services both online or offline as they might fear their personal data would not be properly protected, he added.

Veteran cybersecurity expert David Ip Ching-yeung, the founding chairman of the Hong Kong China Network Security Association, shared similar views.

“Hong Kong is currently suffering heavily from the lack of cybersecurity talent and low awareness [of the risks] among top management across many industries,” Ip said. “Therefore, Hong Kong can be an easy target for hackers or criminal organisations.”

He warned the city might face challenges in developing itself into an I&T hub if it failed to meet the requirements of its bay area partners or customers in cybersecurity and data protection standards.

The Hong Kong government has been hit by a series of data breaches, with the latest involving the Fire Services Department. Photo: Shutterstock

Ip noted that Chief Executive John Lee Ka-chiu had announced in his policy address last year that the first cybersecurity law in Hong Kong would be implemented in 2025.

But the cybersecurity specialist said the law mainly focused on critical infrastructure sectors, such as energy, telecommunications, transport and finance.

A number of government departments also suffered breaches recently, with the latest involving the Fire Services Department and the data of more than 5,000 staff and residents.
The Companies Registry said last week that personal information of about 111,000 people had been leaked because of a fault in its digital platform, while the Electrical and Mechanical Services Department also reported that data involving 17,000 public housing tenants was leaked due to a system security failure.

The hiccups prompted the government’s top information technology unit – the Office of the Government Chief Information Officer – last Sunday to ask all bureaus and departments to review their computer security and report back within a week.

2