Hong Kong Cybersecurity Attack and Defence Drill 2025 launched today (with photos)
**********************************************************************************
The drill is spearheaded by the Digital Policy Office (DPO) in collaboration with the Cyber Security and Technology Crime Bureau of the Hong Kong Police Force, the Hong Kong Internet Registration Corporation Limited, Cyberport and the Hong Kong Institute of Information Technology and is joined by various government departments and public organisations.
Addressing the opening ceremony, the Secretary for Innovation, Technology and Industry, Professor Sun Dong, stated that "security is the bedrock of development, while stability is a prerequisite for prosperity", underscoring the importance of a secure cyber environment in promoting Hong Kong as an international innovation and technology centre. He highlighted that Hong Kong's Cybersecurity Attack and Defence Drill employs practical combat scenarios on Internet-facing information systems with a view to conducting a thorough and in-depth evaluation of the defence capability of participating government departments and public organisations, thereby fully bolstering Hong Kong's cybersecurity protection and resilience.
During the drill, cybersecurity professionals are invited to act as attackers (the Red Teams) and perform simulated cyberattacks in a strictly controlled environment on participating organisations' designated information systems, which are in operation, to identify potential security risks and vulnerabilities. The defenders (the Blue Teams) deploy their technical skills and strategies to detect and fend off these attacks while managing daily operations, thereby strengthening their incident response capabilities and enhancing their experience.
Following the success of the first Hong Kong Cybersecurity Attack and Defence Drill organised by the DPO last year, the overall scale of the drill this year has been further upgraded to enhance its overall effectiveness. Thirty-four Blue Teams from 25 government departments and nine public organisations are participating with their designated information systems in the drill. Meanwhile, the 15 Red Teams comprise experienced Hong Kong and Mainland cybersecurity practitioners, higher education institutions, and three leading attacking teams recommended by the Cyberspace Administration of Guangdong Province, fully reflecting the collaboration and exchange in cybersecurity between Guangdong and Hong Kong. The DPO has also invited 15 cybersecurity firms from the Mainland with extensive drill experience to provide technical support and advice, joining forces to strengthen Hong Kong's cybersecurity defence capability. Representatives from more than 60 organisations are also attending as observers to learn more about the drill process, serving as a reference for future drills.
The drill spanned three days for a total of 60 hours, and will end at 11pm on October 12.
Ends/Friday, October 10, 2025
Issued at HKT 15:35
Issued at HKT 15:35
NNNN