Beijing: China’s financial regulator told its banks and insurers to thoroughly review cyber and data security across all their businesses, underscoring the government’s increased focus on national security and data integrity.
In a directive sent at the end of last year, The National Financial Regulatory Administration (NFRA) asked banks and insurers to fix any identified loopholes to guard against the risk of ransomware attacks by mid-January, according to people familiar with the matter.
Banks were urged to reinforce the secure usage of emails and protect against phishing, said the people, asking not to be identified discussing a private matter.
The broad directive was a follow up on a short notice issued to its major banks after a cyberattack on Industrial & Commercial Bank of China Ltd (ICBC) in November crippled part of the US operations of China’s largest lender and disrupted trading in the US Treasury market.
The NFRA didn’t immediately reply to a request for a comment.
Separately, China has intensified its focus on national security and data flows over President Xi Jinping’s decade-plus in power. Beijing enacted a sweeping data security law in 2021 to ramp up control over information flows.
The crackdown has hampered the expansion of foreign firms, including banks, in the country and raised concerns about investments in China.
ICBC, the world’s largest bank by assets, was hit by a hacker attack at a US unit in November that rendered it unable to clear trades in US Treasuries and forced it to send data around New York via thumb drives.
The US Treasury Department also weighed in on the incident at the time, calling on all banks to make sure they follow best practices. — Bloomberg