June 2 (Reuters) – Hong Kong’s securities regulator on Tuesday urged licensed firms to bolster their cybersecurity defenses, warning of a surge in increasingly advanced and targeted AI-driven cyber threats.
• In a circular, the Securities and Futures Commission said licensed firms, specifically internet brokers and virtual asset-trading platforms, should adopt up-to-date safeguards to prevent unauthorised access to client data and guard against asset misappropriation.
• Incidents of cyberattack increased 27% to 15,877 in 2025 from 12,536 in 2024, the body said, referring to data from the Hong Kong Computer Emergency Response Team Coordination Centre.
• The regulator said AI was enabling malicious actors to identify and exploit vulnerabilities faster and launch large-scale attacks, while lowering barriers to phishing and social engineering.
• The SFC also identified areas where companies can strengthen cybersecurity, including patching and vulnerability management, detection and monitoring, and incident response and recovery.
• Eric Yip, the SFC’s executive director of intermediaries, said senior management at licensed firms should take primary responsibility for cyber resilience and protecting client assets.
• Recently, global regulators have sounded similar alarms – Australia’s watchdog in late April and Japan’s banking authority in mid-May – over mounting risks tied to Anthropic’s new AI model, Mythos.
(Reporting by Shruti Agarwal in Bengaluru; Editing by Pooja Desai)
