China’s financial regulator told its banks and insurers to thoroughly review cyber and data security across all their businesses, underscoring the government’s increased focus on national security and data integrity.
In a directive sent at the end of last year, The National Financial Regulatory Administration asked banks and insurers to fix any identified loopholes to guard against the risk of ransomware attacks by mid-January, according to people familiar with the matter. Banks were urged to reinforce the secure usage of emails and protect against phishing, said the people, asking not to be identified discussing a private matter.
The broad directive was a follow up on a short notice issued to its major banks after a cyberattack on Industrial & Commercial Bank of China Ltd. in November crippled part of the US operations of China’s largest lender and disrupted trading in the US Treasury market.
China Eases Deadline Pressure for Multinationals’ Compliance With Data Security Rules
The NFRA didn’t immediately reply to a request for a comment.
Separately, China has intensified its focus on national security and data flows over President Xi Jinping’s decade-plus in power. Beijing enacted a sweeping data security law in 2021 to ramp up control over information flows. The crackdown has hampered the expansion of foreign firms, including banks, in the country and raised concerns about investments in China.
ICBC, the world’s largest bank by assets, was hit by a hacker attack at a US unit in November that rendered it unable to clear trades in US Treasuries and forced it to send data around New York via thumbdrives.
The US Treasury Department also weighed in on the incident at the time, calling on all banks to make sure they follow best practices.
The attack put financial institutions on high alert and spotlighted a danger that the prospect of a cyberattack could someday cripple a key piece of the financial system’s wiring.
While ICBC’s US division has set up new IT infrastructure following the attack and resumed service, it has struggled to convince some market participants that it’s safe to reconnect their computer networks, Bloomberg News reported earlier.
Ransomware attacks have proliferated. After a website of the New Zealand Stock Exchange was hit by a cyberattack in 2020, it was later revealed that more than 100 banks, exchanges, insurers and other financial firms worldwide were targets of similar attacks simultaneously.
Photograph: An attendee types on a cyrillic laptop computer keyboard at the CrytoSpace conference in Moscow, Russia, on Friday, Dec. 8, 2017. Photo credit: Andrey Rudakov/Bloomberg
Related:
Topics Cyber Carriers Data Driven China
Was this article valuable?
Here are more articles you may enjoy.
Cyber Insurance Market ‘Stable’ With Potential for Growth, Says AM Best 
‘Great Resignation’ Enters Third Year as Workers Embrace AI, Upskilling, PwC Says 
Allstate, Nationwide Post Dramatic Q12024 Homeowners Loss Ratio Drops: S&P 
BlackSuit Cybercrime Gang Blamed in CDK Hack That Roiled Car Dealers 
