Under China’s new security rules, internet operators must report hacks and cybercrimes within 1 hour

Internet operators are required to report major cybersecurity incidents – including hacking, infrastructure breakdown and key data leaks – to authorities within an hour of them occurring or risk severe punishment, according to draft regulations from China’s internet watchdog.

The Cyberspace Administration of China (CAC) published the new rules on Friday to solicit public opinion. The CAC said regulating the reporting of cybersecurity incidents could reduce the loss and damage they caused, as well as protect national internet safety.

According to the draft, all operators must report the incidents to local or national cyberspace offices, and those who work with “key information infrastructure” or face crime-related incidents should also report breaches to the police.

02:17

China’s telecoms fraud crackdown with Myanmar may help workers trapped in scam rooms

Cybersecurity incidents are defined as “incidents that cause harm to networks, information systems or data because of human factors, software or hardware failures or natural disasters”.

The operators are required to report damage caused by the incidents and measures taken, the probable cause, tips for investigation – including anything known about the attacker – the path of attack and existing loopholes, the draft said.

The draft especially stressed that major incidents should be reported within an hour.

From love scams to fake jobs, Asia-Pacific is new ‘ground zero’ for cybercrime

It describes three levels of incident, with the most severe level including leaks affecting the personal data of more than 100 million people, “affecting the work and lives of over 30 per cent of the population in a province”, “key information infrastructure disconnected for six hours” and harmful information viewed more than 1 million times or displayed for more than six hours on news media or government websites.

After the public comment period, the draft will go back to the CAC for edits.

In recent years, Chinese authorities have repeatedly stressed that the country faces a growing risk of cyberattack, data leaks, disinformation and AI-driven cognitive warfare, with the rapid growth of technology.

In an article published in September in China Internet and Information, the official journal of the CAC, State Security Minister Chen Yixin wrote, “Our biggest hidden risk is that our critical basic information infrastructure can be vulnerable to attack”.

“Our finance, energy, electricity, communications and transport operation networks have become key targets of cyberattacks from outside the country,” he wrote. “There would be dire consequences, such as transport disruptions, chaos in financial markets and paralysis of electricity supply if these systems were hacked, taken over, tampered with or sabotaged.”

02:04

‘Stop stealing’: China condemns US over Trojan horse cyberattacks on state-funded university

Without citing specific examples, Chen named new technologies that could introduce greater security uncertainty, including artificial intelligence, quantum communication, blockchain technology and satellite internet.

The incidents prompted discussion among experts, media commentators and netizens about how internet infrastructure had become a normal part of public life, just like gas and water, and its security needed to be emphasised and regularly maintained.

China indicts 52 per cent more cyber scammers than last year amid crackdown

China enacted its Cybersecurity Law in 2016, stressing the need to maintain control of the nation’s sovereign cyberspace and national security.

Building on that foundation, the Data Security Law was implemented in September 2021 to limit the ways data can be processed. The law also stresses the need to safeguard national security and interests, making the protection of data a national security priority.

South China Morning Post