China has made cybersecurity inspections mandatory for companies interested in applying for Hong Kong’s Public offering. The rule is being applied strongly across all business sections and will imply to companies that are handling sensitive data of over 1 million people.
The Cyberspace Administration of China (CAC) is the authorizing power behind this mandatory law application and is doing so because of some national security concerns.
So, any company that handles user data or generates it and stores it on its platform should comply with this law in order to list itself on a domestic note and must adhere to the law that they should never transit data to remote servers.
Meanwhile, news related to a cyber attack in Hong Kong has emerged recently online that describes a water hole hacking campaign originating in Hong Kong. Reports are in that the attack was first discovered in August this year by security analysts from Google who state that the attack was conducted through a state backed malware campaign that was being circulated through the official website of Hong Kong’s Pro-Democratic Party.
Google analysts say that the campaign started in early May this year and the threat actors behind the campaign implanted malicious software on the website that then installed backdoors on visitor’s devices.
Researchers from the Alphabet Inc’s subsidiary say that attack could have taken place because of a macOS vulnerability that was patched by the tech giant on September 23rd, 2021.
