China revealed that it is creating a national cyberattack database and will require telecom firms, internet companies and domain name providers to report any threats to it.
According to news from Reuters, the Ministry of Industry and Information Technology (MIIT), which is creating the platform, announced that companies and telcos – as well as government bodies – will be required to share information on cybercrime, including Trojan malware, hardware vulnerabilities and content linked to “malicious” IP addresses.
Those that fail to follow the rules will be subject to “warnings, fines and other administrative penalties,” although no specifics were given.
The ministry will also be liable for disposing of threats under the new rules, which will take effect on January 1.
This new law is yet another way that Chinese authorities are working to protect core infrastructure and private companies against cyberattacks. In June, a nationwide cyber emergency response plan was created, which included the development of a central response system and ordered punitive measures for government units that failed to follow security guidelines. And earlier this year, rules were introduced requiring state telecommunications firms to take a more active role in removing VPNs and other tools used to subvert China’s Great Firewall.
In addition to these new rules and requirements, the country’s Cyberspace Administration of China and its education ministry revealed last month a plan to build approximately four to six cybersecurity schools between 2017 and 2027 to do battle against hackers and cybercrime.
Chinese President Xi Jinping shared that these colleges and universities will receive government resources in order to “invest big money, invite [the] best teachers, compile excellent teaching materials, recruit good students and build first-class cybersecurity schools.”