A series of cyberattacks targeting Hong Kong's stockbrokers, which saw around $14m (£11m) in investor losses, has prompted authorities to tighten cybersecurity rules. The Securities and Futures Commission (SFC) reportedly said that there have been 20 attacks on city brokerages in the past 18 months.
The Hong Kong police have so far struggled to stop the cyberattacks. Reuters reports that the pump-and-dump scams, a little-known type of digital fraud has escalated in the Chinese territory, with the police recording reports of 81 such attacks in 2016.
"We have to require all [brokers] to invest more to enhance their cyber security of their computer systems after customers lost up to HK$110 million from hacker attacks. The police have been investigating these cases," a spokesperson for the SFC said, the South China Morning Post reported. "The upgrade may cost money but it will ensure investors can trade safely when using their computers or mobile phones."
The attacks involve crooks investing in thinly-traded penny stocks and manipulating their share prices by ordering trades from hacked brokerages. The profits are reaped by selling before the fraudulent trades are reported.
Hong Kong has become the go-to place for such attacks given how its securities industry has lagged behind in defending its financial sector against such cyber fraud. Citing sources, Reuters reports that around seven brokers and eight banks, including HSBC and Bank of China International Securities have been targeted by hackers in the recent past. There has also been a surge of such attacks in 2017; however, the cybercriminals behind the fraud campaign are yet to be identified.
According to investigators looking into the matter, hackers accessed brokerage accounts using stolen or guessed passwords.