Hong Kong plans to strengthen information security rules after a series of embarrassing hacks at the city's brokers, said the securities regulator on Thursday.
The draft rules should include requirements for two-step authentication for the account account and for brokers to notify customers during the transaction, said a spokesman for the Securities Commission And Hong Kong (SFC).
The SFC would issue a consultation on the draft rules during the second quarter.
Changes in rules would be made to the SFC Code of Conduct, which means that they would not need to be enacted into legislation.
Hong Kong police have struggled to cope with digital pumping and unloading programs targeting brokerage houses – a little-known type of computer-generated fraud that arose in Chinese territory last year.
Although the money involved has so far been low – only about $ 20 million worth of actions – there were 81 incidents of this type reported in 2016, more than three times the Number in 2015, according to the police.
In the regime, criminals invest in penny-low-traded securities and then manipulate their stock prices by ordering transactions from pirated brokerage accounts.
They earn profits by selling before fraudulent transactions are reported.
Hong Kong has been a privileged place for such attacks because of the number of penny stocks traded on a small scale in the territory and because its securities sector fell behind other financial centers in defense against Cyber-fraud, Reuters reported in February. (Here)
At least seven brokers and eight banks have been targeted in Hong Kong, including HSBC Holdings Plc and Bank of China International Securities, Reuters reported quoting sources.
An investigator said that there had been a further surge in such attacks in 2017 and that banks and brokers were not able to identify the culprits.
The authorities believe that computerized hackers have had access to brokerage accounts using stolen or guessed passwords, according to investigators.