Hong Kong Faced Over 440,000 Cyber Threats in 2024, Police Report Reveals

Hong Kong was hit by more than 440,000 cyber threats in 2024, including over 100 cases of ransomware and system intrusions, according to a new report from the city’s police force.

The Cyber Security and Technology Crime Bureau (CSTCB) of the Hong Kong Police Force released the report on Monday, highlighting the growing threat of cyberattacks in the city.

The report also found that around 5% of online systems classified as critical infrastructure had security weaknesses or loopholes. These systems include important services like transport, utilities, and finance.

In total, police processed more than 25 million pieces of cyber threat intelligence last year, with 440,000 of them directly targeting Hong Kong. About 65% of these threats were phishing attacks — fake emails or links designed to trick people into downloading malware or sharing login details.

In the first quarter of 2025, police recorded 7,680 technology crime cases — a 1.1% increase from the same period last year. However, the financial losses dropped by 11.7% to HK$1.43 billion (around US$182 million).

Over 100 of the attacks involved ransomware and system intrusions. Fourteen cases were related to system intrusions, up nearly 8% from the previous year, with total losses reaching HK$12.5 million.

One of the biggest incidents involved a financial services company that lost nearly HK$5 million after hackers broke into its system, according to Superintendent Baron Chan Shun-ching of CSTCB.

Chan said many affected companies had weak security measures, such as poor access controls, outdated systems, and a lack of tools to detect threats. He added that the rise in reported cases was also due to a new law passed in March — the Protection of Critical Infrastructures (Computer Systems) Ordinance — which now requires organizations to report such incidents.

Senior Superintendent Carmen Leung Oi-lam said the police carried out regular cybersecurity checks last year on more than 90,000 internet systems used by key infrastructures. About 4,500 of these systems — or 5% — had some form of security issue.

Police said 89% of these issues were medium to low risk, like problems with certificate authorization. The other 11% were considered high to extremely high risk, involving stolen login credentials or exposed cloud storage services.

Authorities have warned the affected organizations to fix the vulnerabilities as soon as possible.