Hong Kong securities regulator warns licensed firms of AI-driven cyber threats

June 2 : Hong Kong's securities regulator on Tuesday urged licensed firms to bolster their cybersecurity defenses, warning of a surge in increasingly advanced and targeted AI-driven cyber threats.• In a circular, the Securities and Futures Commission said licensed firms, specifically internet brokers and virtual asset-trading platforms, should adopt up-to-date safeguards to prevent unauthorised access to client data and guard against asset misappropriation.• Incidents of cyberattack increased 27 per cent to 15,877 in 2025 from 12,536 in 2024, the body said, referring to data from the Hong Kong Computer Emergency Response Team Coordination Centre.• The regulator said AI was enabling malicious actors to identify and exploit vulnerabilities faster and launch large-scale attacks, while lowering barriers to phishing and social engineering.

• The SFC also identified areas where companies can strengthen cybersecurity, including patching and vulnerability management, detection and monitoring, and incident response and recovery.• Eric Yip, the SFC's executive director of intermediaries, said senior management at licensed firms should take primary responsibility for cyber resilience and protecting client assets.• Recently, global regulators have sounded similar alarms - Australia's watchdog in late April and Japan's banking authority in mid-May - over mounting risks tied to Anthropic's new AI model, Mythos.