Cyber Security and Technology Crime Bureau (CSTCB) has continuously evolved and innovated to safeguard Hong Kong's cybersecurity environment. This year, CSTCB published the Cybersecurity Report 2025, which reviews Hong Kong's cybersecurity landscape in 2025 and offers professional analysis and expert recommendations drawn from CSTCB's experience in handling cybersecurity incidents. The report also forecasts the potential cyber threats posed by emerging technologies. Through this report, CSTCB aims to enhance cybersecurity awareness and strengthen defensive capabilities across the public and the cybersecurity industry.
Key Cybersecurity Data
- In 2025, the Hong Kong Police Force recorded 31,571 technology crime cases, including online deceptions and destructive cyberattacks, of which 52 were hacking activities and 43 were ransomware cases.
- In 2025, CSTCB processed over 35 million pieces of cyber threat intelligence, averaging more than 96,000 pieces per day. Among these, CSTCB identified over 1.54 million cyber threats targeting Hong Kong.
- CSTCB conducted over 100,000 assessments on Internet-facing assets of critical infrastructures in Hong Kong and found that 7.8% of these assets had varying degrees of system vulnerabilities. Among the discovered vulnerabilities, 95% were classified as medium and low risk, and 5% were identified as critical and high risk.
Key Lessons from 2025 Cybersecurity Incidents
Three core lessons emerge from the 2025 incident response cases: first, remote access services and edge devices remain the primary intrusion vectors, making attack surface management and identity hardening top defensive priorities; second, backup systems should not share the same authentication mechanism as the production environment, to avoid simultaneous compromise and loss of recovery capability; and third, insufficient log visibility severely hinders investigation and attribution, and must therefore be addressed.
Cyber Threat Forecast 2026+
- Quantum
- Blockchain
- Cloud Computing
- Satellite
- Artificial Intelligence (AI)
In his foreword to the report, Chief Superintendent Raymond Lam of CSTCB stated that CSTCB will remain innovation-led, continue to drive the comprehensive development of Hong Kong's cybersecurity ecosystem, and build a solid cybersecurity defence for the city's digital transformation and smart city development.
For further details, please refer to the electronic version (PDF) of the CSTCB Cybersecurity Report 2025.
