China proposed a four-tier classification to respond to data security incidents, showing its concern about data leaks and hacking in the country.
The plan is due to increased tensions with the United States and its allies. It follows an incident where a hacker claimed to have gotten a large amount of personal information on one billion Chinese from the Shanghai police.
By infosecbulletin
/ Monday , January 20 2025
Security researchers have found several vulnerabilities in Azure DevOps that could enable attackers to inject CRLF queries and carry out...
Read More
By infosecbulletin
/ Monday , January 20 2025
Intel Corporation is a leading semiconductor chip manufacturer, employing at least 22 graduates from the Department of Applied Chemistry and...
Read More
By infosecbulletin
/ Sunday , January 19 2025
vpnMentor’s Research Team is monitoring the potential TikTok ban in the U.S., driven by national security and data privacy issues....
Read More
By infosecbulletin
/ Saturday , January 18 2025
MITRE launched D3FENDTM 1.0, a cybersecurity framework that provides a vocabulary and understanding of the cyber domain. D3FEND 1.0, funded...
Read More
By infosecbulletin
/ Friday , January 17 2025
Amazon Web Services (AWS) has recently fixed two major security vulnerabilities in its cloud services: Amazon WorkSpaces, Amazon AppStream 2.0,...
Read More
By infosecbulletin
/ Friday , January 17 2025
Last year saw a significant rise in cyber threats, with malware becoming more advanced and attack strategies more sophisticated. A...
Read More
By infosecbulletin
/ Thursday , January 16 2025
A recent Infoblox Threat Intel report reveals a sophisticated botnet that exploits DNS misconfigurations to spread malware widely. This botnet,...
Read More
By infosecbulletin
/ Thursday , January 16 2025
A new security flaw traced, CVE-2024-9042, poses a serious risk to Kubernetes clusters with Windows worker nodes. It has a...
Read More
By infosecbulletin
/ Thursday , January 16 2025
The hacking group "Belsen Group" has posted over 15,000 unique FortiGate firewall configurations online. The data dump, reportedly obtained by exploiting...
Read More
By infosecbulletin
/ Thursday , January 16 2025
Registration open for "1st Agile Cyber Drill-2025" scheduled for February 26, 2025 online with an awards ceremony for 9 March...
Read More
ALSO READ:
5 Islamic banks risk of being frozen out of certain transactions
China’s Ministry of Industry and Information Technology (MIIT) published a detailed draft plan laying out how local governments and companies should assess and respond to incidents.
The plan is seeking public opinions. It suggests a four-tier, color-coded system based on the level of harm to national security, a company’s online and information network, or the functioning of the economy.
Incidents will be considered “especially grave” if they cause losses over 1 billion yuan ($141 million) and affect the personal information of more than 100 million people, or the “sensitive” information of over 10 million people. In these cases, a red warning must be issued.
According to the plan, when there are red or orange warnings, the companies and local regulatory authorities must create a 24-hour work schedule to handle the incident. They also need to inform MIIT of the data breach within ten minutes of it happening, along with other actions.
“If the incident is judged to be grave… it should be immediately reported to the local industry regulatory department, no late reporting, false reporting, concealment or omission of reporting is allowed,” MIIT said.