Amber
Solutions & Service
About Us
News
News/
RigSec Conducts Specialized Digital Asset Custody Training for Hong Kong Police Force

2026-03-16, 2 min read time

HONG KONG — On March 10, 2026, at the invitation of the Hong Kong Police Force (HKPF), RigSec led a specialized training session focused on the secure and compliant custody of digital assets within the licensed Virtual Asset Trading Platform (VATP) framework.

The session was led by Dr. Chiachih Wu (Chief Security Consultant) and Sarah Ye (CEO of RigSec), providing law enforcement with a technical deep dive into the infrastructure protecting Hong Kong’s digital asset frontier.

Addressing the 2026 Threat Landscape

The training opened with Dr. Wu deconstructing the most critical attack vectors currently facing global institutions. Key threats discussed included:

- Systemic Exploits: Vulnerabilities in API logic and "False Top-Up" attacks on wallet services.

- Infrastructure Compromise: Signer vulnerabilities and the risks of over-reliance on hot wallets.

- Advanced Social Engineering: The use of malicious SDK updates and "Git Clone" hooks to bypass traditional defenses.

Compliant Solutions & Best Practices

Following the threat analysis, RigSec shared insights into the regulatory landscape in Hong Kong and introduced its mainstream compliant custody solutions currently used by licensed VATPs. The team demonstrated how RigSec’s solution is engineered to meet strict regulatory requirements while neutralizing modern security risks, including but not limited to:

- Why and how to leverage secure hardware to protect the lifecycle of private keys. 

- How to utilize the What-You-See-Is-What-You-Sign mechanism to eliminate the high-level Man-in-the-middle attack.

- How to balance the digital assets among the hot wallet and the air-gapped cold wallet to defend against cyber threats. 


To ensure long-term resilience, RigSec shared operational best practices for institutions, including:

- Zero Trust Architecture: Eliminating implicit trust within the network environment.

- AI-Enhanced Monitoring: Leveraging real-time AI logging to detect anomalies before they escalate.

- Continuous Readiness: Implementing regular red-teaming and emergency response drills to bridge the gap between human error and technical security.


Strengthening the Ecosystem


This collaboration marks a significant step in RigSec’s ongoing partnership with law enforcement to protect the integrity of Hong Kong’s blockchain-based financial systems. By aligning technical excellence with regulatory compliance, RigSec remains dedicated to safeguarding the future of institutional digital assets.