Hong Kong has initiated its first-ever cybersecurity drill, set to run for a total of 60 hours. The Hong Kong cybersecurity drill commenced on Friday, with plans to establish it as an annual event moving forward. Innovation minister Sun Dong emphasized the importance of this initiative, stating that maintaining cybersecurity is essential for promoting high-quality economic development and building a smart city.
At a launch ceremony for the drill, Sun noted that the Hong Kong cybersecurity plan is a “long-term task” that requires ongoing attention and cannot be considered complete. This proactive approach reflects the government’s commitment to addressing the growing threat landscape, particularly as recent months have seen a notable rise in hacking cases targeting various organizations, including companies and public entities.
Hong Kong Cybersecurity Drill
This Hong Kong cybersecurity drill, organized by the Digital Policy Office, involves collaboration with multiple stakeholders, including the Hong Kong police force, the Hong Kong Internet Registration Corporation, and the Hong Kong Institute of Information and Technology (HKIIT). This multifaceted approach aims to simulate real-world cyber threats and test the preparedness of government systems against potential attacks.
Tony Wong Chi-kwong, Commissioner for Digital Policy, explained that the drill features a “red” team of hackers composed of industry professionals, alongside students and faculty members from HKIIT and the Hong Kong College of Technology. This red team will simulate cyberattacks on government systems using tactics such as phishing emails and impersonation attempts to gain access to sensitive information, including login credentials and passwords, reported South China Morning Post.
Countering the red team’s efforts is a “blue” defense team, made up of staff from nine government departments and three public organizations. These defenders will operate from their offices to detect and respond to the simulated attacks in real time. Wong refrained from disclosing the specific departments involved, explaining that maintaining a controlled environment is crucial to the drill’s success. “We need a controllable scenario. We don’t want people with malicious intentions to mess around during this period,” he stated.
Throughout the 60-hour drill, the red team will remain stationed in the operation room at HKIIT in Tsing Yi. Wong pointed out the necessity of this realistic simulation: “In the real world, attacks have no time limit. There is no preset that tells you when they will attack you.” By creating an environment that mirrors actual conditions, the drill allows defenders to remain alert and ready to respond to threats as they arise.
Key Partners of the Cybersecurity Drills
As part of the exercise, normal operations will continue on government systems, providing an opportunity to evaluate whether current precautions and detection capabilities are sufficient. The blue team will earn points for successfully detecting an attack, while the red team will score points for any successful breaches. A panel of nine cybersecurity experts will oversee the scoring process, ensuring fairness and accuracy in the evaluation.
The HKIIT principal confirmed that all attack and defense activities will adhere to strict parameters established by the institute. Technical support will also be provided to maintain network stability, preventing disruptions to regular operations during the drill. Results from this cybersecurity drill will be shared at an upcoming cybersecurity forum scheduled for December.
Hong Kong has witnessed a significant uptick in cyberattacks in recent years, prompting authorities to take decisive action. In the first half of 2024 alone, the city reported 16,182 cases involving technology crimes, a 3.5% increase from the previous year’s figures. The financial impact of these incidents is staggering, with losses reaching HK$2.66 billion (approximately US$341.8 million).
In response to this concerning trend, the Hong Kong government proposed the Protection of Critical Infrastructure (Computer System) Bill, which aims to impose stringent security requirements on operators of essential infrastructure. Under this legislation, non-compliance could result in fines of up to HK$5 million. Currently, the bill is under consultation with the Security Bureau and is anticipated to be enacted by early 2026.
