Circular to All Licensed Corporations
Alert for Ransomware Threats

15 May 2017

It is widely reported that a new variant of ransomware namely, ‘WannaCry’1 has spread over the Internet and infected many computer devices across the world including Hong Kong.  In such ransomware attacks, the victim's files are maliciously encrypted and a ransom is requested by the criminals in order to recover the victim’s files.  It is possible that similar cybersecurity incidents would be observed across the securities industry in Hong Kong. 

All licensed corporations are reminded to be on alert for cybersecurity threats (including ransomware attacks) and implement appropriate measures to address the risks.  Some suggested measures have been provided in the security alert released by the HKCERT2.  For examples, the following preventive measures should be considered:

Furthermore, licensed corporations are expected to take immediate actions (including seeking advice from external contracted vendors if they do not possess such expertise and/or resources in-house) to critically review and assess the effectiveness of their cybersecurity controls in place.  Reference should also be made to the suggested cybersecurity controls provided in our previous circulars3 concerning cybersecurity.  Lastly, licensed corporations are reminded to report to the SFC immediately upon happening of any material cybersecurity incident including ransomware attacks.

Should you have any questions regarding the contents of this circular, please contact Ms Denise Chan at 2231 1188.

Intermediaries Supervision Department
Intermediaries Division
Securities and Futures Commission



1 WannaCry (also known as ‘WannaCrypt’ or ‘Wanna Decryptor’, etc.) has the ability to spread itself within corporate networks, without user interaction, by exploiting a known vulnerability in Microsoft Windows. Computers which do not have the latest Windows security updates applied are at risk of infection.
Please refer to released by Hong Kong Computer Emergency Response Team Coordination Centre (“HKCERT”).
Circular to All Licensed Corporations - Alert for Cybersecurity Threats dated 26 January 2017;
Circular to All Licensed Corporations on Cybersecurity dated 23 March 2016;
Circular to All Brokers – Tips on Protection of Online Trading Accounts dated 29 January 2016;
Circular to All Licensed Corporations on Internet Trading – Internet Trading Self-Assessment Checklist dated 11 June 2015;
Circular to Licensed Corporations – Mitigating Cybersecurity Risks dated 27 November 2014;
Circular to All Licensed Corporations on Internet Trading – Information Security Management and System Adequacy dated 26 November 2014; and
Circular to All Licensed Corporations on Internet Trading - Reducing Internet Hacking Risks dated 27 January 2014.

Click here to download the document

Page last updated : 15 May 2017