New cyber rules tighten grip on China’s critical infrastructure
A sweeping new cybersecurity mandate is reshaping how critical infrastructure operators respond to online threats, tightening deadlines and raising the stakes for those who fall behind.
China has introduced one of the world’s strictest cybersecurity reporting laws, requiring major infrastructure providers to report serious cyber incidents within just one hour. The regulation, issued by the Cyberspace Administration of China, applies to all network operators working in the country and its territories.
Incidents must be graded by severity, with ‘key infrastructure’ breaches reported within 60 minutes, and ‘particularly serious’ cases, such as those threatening national security or social stability, within 30 minutes. Operators who delay or conceal information face harsh penalties under the new rules.
The directive defines major cyber incidents as those that cause large-scale paralysis, severe data loss, or the compromise of massive amounts of personal information. Even social organisations and individuals are encouraged to report significant security breaches.
Notably, attacks targeting online media or information sites that remain visible for over six hours or reach more than a million views will also be classified as widespread cyberattacks, reflecting Beijing’s tight grip on online information control.
These requirements go far beyond standards in the United States and the European Union. In the US, companies have 72 hours to report major incidents under the Cyber Incident Reporting for Critical Infrastructure Act, while the EU’s NIS2 Directive allows up to 72 hours for full notification and one month for a final report.
The move underscores China’s dual stance in cyberspace, reinforcing domestic defences while being accused of conducting aggressive cyber operations abroad. Western security agencies recently linked Chinese-backed hackers, such as the group Salt Typhoon, to breaches of US telecoms, the Treasury Department, and other key sectors.
A 2025 CrowdStrike report found China-related hacking activity surged by 150% last year, marking what analysts called an ‘inflexion point’ in Beijing’s global cyber ambitions.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!