Pages

13 July 2022

China’s Cabinet Stresses Cybersecurity After Data LeakState Council meeting discusses need to safeguard information


China’s cabinet stressed the need to bolster information security, following a huge leak of personal data that could be the largest cyber-attack in the country’s history.

A State Council meeting led by Premier Li Keqiang emphasized the need “to improve security management provisions, raise protection abilities, protect personal information, privacy and commercial confidentiality in accordance with the law,” according to the official Xinhua News Agency. These measures would allow the public and businesses to “operate with a peace of mind,” the report added.

Xinhua didn’t directly reference the breach, and other state media agencies have so far been silent about the incident. Earlier this week, unknown hackers claimed to have stolen data on as many as a billion Chinese residents after breaching a Shanghai police database. The purported theft of more than 23 terabytes of information has exposed potential data and security lapses and set the technology industry abuzz.

If verified, the massive data leak could be a black-eye for Xi Jinping’s administration, which has in past years gone after tech firms such as Didi Global Inc. for data security violations.

“The breach has clearly caught the attention of China’s top leadership — and no wonder,” said Kendra Schaefer, a partner at Beijing-based consultancy Trivium China. “It is particularly embarrassing for a government body to be the source of the largest known data breach in China’s history, particularly at a time when data security has become one of China’s top policy priorities.”

Questions remain about how the unknown hackers apparently gained access to the trove run by the Ministry of Public Security’s Shanghai branch, which according to online posts included data detailing user activity from popular Chinese apps, addresses and phone numbers. A seller had asked for 10 Bitcoin, worth around $200,000, in exchange for the data.

“China is long overdue for experiencing a breach of this scale,” said Daron Hartvigsen, managing director at global advisory firm StoneTurn. “Historically, China is often disregarded as a viable target for criminal cyber-exploitation. Threat actors typically focus on targets likely to cave to ransom and extortion demands. It is not clear if this business model will result in similar financial returns in China.”

Xi has long identified data as key for governing and driving Asia’s largest economy. The meeting on Wednesday also discussed the need to investigate and address activities that abuse information and violate the legitimate rights of individuals and enterprises, according to the report.

No comments:

Post a Comment