SlideShare une entreprise Scribd logo

China's Cyber Threat Landscape from the Perspective of CNCERT/CC by Zhu Yunqian [APRICOT 2015]

APNIC
APNIC

A presentation given at the first APCERT session of APRICOT 2015 on Wednesday, 4th March 2015.

1  sur  19
China's Cybersecurity landscape from the perspective of CNCERT/CC
OUTLINE The cybersecurity landscape of mainland China Introduction about CNCERT and responses to cybersecurity threats
Network development Statistics (until 2014): Domain name : 21M Website :34 M netizens: 649 M mobile netizens: 557 M
Cybersecurity landscape Cybersecurity Trojans and botnets Websites Security Mobile Malware Vulnerabil ities
Trojans and botnets 11.1 million11.4 million 2013 2014 In 2014, a total of over 11.1 million computers were infected with trojans or botnets in mainland China, about 2.3% less than 2013.
Massive infected computers were controlled by overseas C&C servers More than 10.8 million infected hosts were controlled by about 42 thousands trojan or botnet C&C servers located overseas.  The top 3 locations of the C&C server’s IPs were the USA (21.8% ), Hongkong(18.9%) and Korea(8.2%). The C&C servers in the USA controlled more than 3.9 million infected hosts in mainland China, which recorded the largest amount. It was followed by Portugal and Finland. USA 21.8% HongKong 18.9% Korea 8.2%Japan 4.1% India 3.3% Taiwan 3.0% Germany 2.4% Maxico 2.4% France 1.9% Russia 1.7% OTher 32.4% The distribution of Overseas C&C Servers’ IPs in 2014
Website security Over 19 thousand overseas IPs conducted remote control on over 33 thousand websites in mainland China. In terms of their IP locations: USA (24.8%) Korea(6.7%) Hongkong(6.5%) Websites defaced : 37 thousand 1.8 thousand government websites Websites planted with backdoors: 40 thousand 1.5thousand government websites
Large amounts of phishing pages were located overseas 99 thousand phishing webpages targeted websites in mainland China. • About 7 thousand IPs were involved. • 89.4% IPs of these phishing servers were located overseas. • 1083 IPs from USA loaded more than 10 thousand phishing pages. CNCERT received about 18 thousand reports of phishing, 31.8% of the total reports. Hongkong 15.2% Korea 1.8% USA 17.7% Taiwan 0.2% Thailand 0.5% Other 64.5% The distribution of overseas phishing servers monitored by CNCERT in 2014
Mobile malware Over 300 third party android app stores.
Mobile malware rose rapidly In 2014, CNCERT captured more than 951 thousand mobile malwares. We found in the last several years, the mobile malware becomes time of growth. 52 67 110 208 416 1664 6249 162981 702861 951059 0 100000 200000 300000 400000 500000 600000 700000 800000 900000 1000000 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 Statistical Trend of the mobile Malware from 2005 to 2014
More and more hacker make mobile malware for pursuing interest. Malicious fee deduction 55.0% Fee consumption 15.3% Stealing information 12.9% Rogue behavior 9.7% Remote control 4.4% System damage 1.3% Trick and fraud 1.0% Malicious spread 0.3% Intention-based Categories of the Mobile Malware in 2014 In term of intension of the mobile malware: Malicious fee deducting (55.0%) fee consumption (15.3%) stealing information (12.9%)
Vulnerabilities • Vulnerabilities In total 9163 16.7% • High-risky 2394 8.1% 174 214 212 225 241 176 203 183 172 200 188 206 428 429 368 413 379 316 493 341 885 977 637 366 77 56 64 48 62 61 84 57 74 68 39 47 0 200 400 600 800 1000 1200 1 2 3 4 5 6 7 8 9 10 11 12 Monthly vulnerabilities collected by CNCERT in 2014 High-risky Mid-risky Low-risky
The process of fixing vulnerabilities is too slow to avoid risk Network administrators are too busy to handle a lot of new vulnerabilities. It should be very careful to operate on the online systems. It takes a long time to fix vulnerabilities. Both accumulated and newly occurred vulnerabilities cause serious threat to information systems.
OUTLINE The cybersecurity landscape of mainland China Introduction about CNCERT and responses to cybersecurity threats
National Level CERT of China • Non-governmental and non-profit cybersecurity technical center under MIIT (Ministry of Industry and Information Technology of the People’s Republic of China ) • Single point of contact in mainland China for national CERTs • Key coordination team for China’s cybersecurity emergency response community 2002.9
EARLY WARNING Received(2014): 800+information report partners domestic Released(2014): 264 reports Landscape presentation Annual meeting 52 weekly reports in English 1 annual report in English Content of report include: cybersecurity threats notification, incidents analysis, national landscape analysis, technical assistance ,etc.
Emergency Response Accepted 56180 incidents complaint Handled 56072 incidents Increase the governance intensity of the Internet environment and restrain malicious codes Taken down 744 large scale Botnets protect 982,000 infected hosts removed 8644 malicious apps
CNCERT has established partnership with 144 organizations in 63countries or regions CNCERT International Cooperation Partnership INTERNATIONAL COOPERATION
Many Thanks! http://www.cncert.org.cn Email: cncert@cert.org.cn ME: Yunqian Zhu zyq@cert.org.cn

Recommandé

Mobile Security
Mobile SecurityMobile Security
Mobile SecurityRahul Neel Mani
 
Wireless security trends
Wireless security trendsWireless security trends
Wireless security trendsAshmar Kalangottil
 
Infographic: The High Cost of BYOD
Infographic: The High Cost of BYODInfographic: The High Cost of BYOD
Infographic: The High Cost of BYODTrustwave
 
Nuevas tecnologías a nivel de hogares
Nuevas tecnologías a nivel de hogaresNuevas tecnologías a nivel de hogares
Nuevas tecnologías a nivel de hogaresMiriam Ortega
 
Modeling and restraining of mobile virus propagation
Modeling and restraining of mobile virus propagationModeling and restraining of mobile virus propagation
Modeling and restraining of mobile virus propagationPranav Pinarayi
 
T.A.S.C - mobile device secuirty
T.A.S.C - mobile device secuirtyT.A.S.C - mobile device secuirty
T.A.S.C - mobile device secuirtyAdam Radly
 
Trend micro research covid19 threat brief summary 27 mar
Trend micro research covid19 threat brief summary 27 marTrend micro research covid19 threat brief summary 27 mar
Trend micro research covid19 threat brief summary 27 marPrime Infoserv
 
Mobile Threats, Made to Measure
Mobile Threats, Made to MeasureMobile Threats, Made to Measure
Mobile Threats, Made to MeasureLookout
 

Recommandé

Mobile Security
Mobile SecurityMobile Security
Mobile SecurityRahul Neel Mani
 
Wireless security trends
Wireless security trendsWireless security trends
Wireless security trendsAshmar Kalangottil
 
Infographic: The High Cost of BYOD
Infographic: The High Cost of BYODInfographic: The High Cost of BYOD
Infographic: The High Cost of BYODTrustwave
 
Nuevas tecnologías a nivel de hogares
Nuevas tecnologías a nivel de hogaresNuevas tecnologías a nivel de hogares
Nuevas tecnologías a nivel de hogaresMiriam Ortega
 
Modeling and restraining of mobile virus propagation
Modeling and restraining of mobile virus propagationModeling and restraining of mobile virus propagation
Modeling and restraining of mobile virus propagationPranav Pinarayi
 
T.A.S.C - mobile device secuirty
T.A.S.C - mobile device secuirtyT.A.S.C - mobile device secuirty
T.A.S.C - mobile device secuirtyAdam Radly
 
Trend micro research covid19 threat brief summary 27 mar
Trend micro research covid19 threat brief summary 27 marTrend micro research covid19 threat brief summary 27 mar
Trend micro research covid19 threat brief summary 27 marPrime Infoserv
 
Mobile Threats, Made to Measure
Mobile Threats, Made to MeasureMobile Threats, Made to Measure
Mobile Threats, Made to MeasureLookout
 
Green MIW 2008 Keynote
Green MIW 2008 KeynoteGreen MIW 2008 Keynote
Green MIW 2008 KeynoteEmily Green
 
The Mobility Challenge - Fran Rosch, SVP Mobility
The Mobility Challenge - Fran Rosch, SVP MobilityThe Mobility Challenge - Fran Rosch, SVP Mobility
The Mobility Challenge - Fran Rosch, SVP MobilitySymantec
 
The Norton Report 2013
The Norton Report 2013The Norton Report 2013
The Norton Report 2013Marian Merritt
 
Mobile security mobile malware countermeasure academic csirt
Mobile security mobile malware countermeasure academic csirtMobile security mobile malware countermeasure academic csirt
Mobile security mobile malware countermeasure academic csirtIGN MANTRA
 
I.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure
I.G.N. Mantra - Mobile Security, Mobile Malware,and CountermeasureI.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure
I.G.N. Mantra - Mobile Security, Mobile Malware,and CountermeasureIndonesia Honeynet Chapter
 
Smartphone User Persona Report 2015 - Malaysia (Infograph)
Smartphone User Persona Report 2015 - Malaysia (Infograph)Smartphone User Persona Report 2015 - Malaysia (Infograph)
Smartphone User Persona Report 2015 - Malaysia (Infograph)Vserv
 
Better Security Through Big Data Analytics
Better Security Through Big Data AnalyticsBetter Security Through Big Data Analytics
Better Security Through Big Data AnalyticsSymantec
 
The Internet of Security Things (A Story about Change)
The Internet of Security Things (A Story about Change) The Internet of Security Things (A Story about Change)
The Internet of Security Things (A Story about Change) Lori MacVittie
 
Mobile instant messaging survey 2017
Mobile instant messaging survey 2017Mobile instant messaging survey 2017
Mobile instant messaging survey 2017Prayogo Ryza Sulistiyo
 
Mobile Internet User Distribution in Iran
Mobile Internet User Distribution in IranMobile Internet User Distribution in Iran
Mobile Internet User Distribution in Iranaminashena
 
A Rise of Citizen Application Developers
A Rise of Citizen Application DevelopersA Rise of Citizen Application Developers
A Rise of Citizen Application DevelopersAppian
 
DW 2015: Joachim Rajaram - Myanmar Digital Leapfrogging in Practice
DW 2015: Joachim Rajaram - Myanmar Digital Leapfrogging in PracticeDW 2015: Joachim Rajaram - Myanmar Digital Leapfrogging in Practice
DW 2015: Joachim Rajaram - Myanmar Digital Leapfrogging in PracticeTelenor Group
 
GroupM - Vietnam digital landscape 09/2013
GroupM - Vietnam digital landscape 09/2013GroupM - Vietnam digital landscape 09/2013
GroupM - Vietnam digital landscape 09/2013★ Duong Vo ★
 
Mobile practice management philly bar 2014 handout
Mobile practice management philly bar 2014 handoutMobile practice management philly bar 2014 handout
Mobile practice management philly bar 2014 handoutClio - Cloud-Based Legal Technology
 
Vietnam Digital landscape update 2013 Sep_2013_Mindshare
Vietnam Digital landscape update 2013 Sep_2013_MindshareVietnam Digital landscape update 2013 Sep_2013_Mindshare
Vietnam Digital landscape update 2013 Sep_2013_MindsharePhương Bi
 
Apa engineering
Apa engineeringApa engineering
Apa engineeringthulasitharan77
 
Ict facts figures2014-e (1)
Ict facts figures2014-e (1)Ict facts figures2014-e (1)
Ict facts figures2014-e (1)Mohamed Salem
 
Consumer barometer 2015 Viet Nam
Consumer barometer 2015 Viet NamConsumer barometer 2015 Viet Nam
Consumer barometer 2015 Viet NamToan Cao
 
Avast Q1 Security Report 2015
Avast Q1 Security Report 2015Avast Q1 Security Report 2015
Avast Q1 Security Report 2015Avast
 
SparkLabs Global Wireless Industry Overview 2014
SparkLabs Global Wireless Industry Overview 2014SparkLabs Global Wireless Industry Overview 2014
SparkLabs Global Wireless Industry Overview 2014Bernard Moon
 
2015 Global Threat Intelligence Report
2015 Global Threat Intelligence Report2015 Global Threat Intelligence Report
2015 Global Threat Intelligence ReportDImension Data
 
Cyber Threat Intelligence: Highlights and Trends for 2020
Cyber Threat Intelligence: Highlights and Trends for 2020Cyber Threat Intelligence: Highlights and Trends for 2020
Cyber Threat Intelligence: Highlights and Trends for 2020DevOps.com
 

Contenu connexe

Tendances

Green MIW 2008 Keynote
Green MIW 2008 KeynoteGreen MIW 2008 Keynote
Green MIW 2008 KeynoteEmily Green
 
The Mobility Challenge - Fran Rosch, SVP Mobility
The Mobility Challenge - Fran Rosch, SVP MobilityThe Mobility Challenge - Fran Rosch, SVP Mobility
The Mobility Challenge - Fran Rosch, SVP MobilitySymantec
 
The Norton Report 2013
The Norton Report 2013The Norton Report 2013
The Norton Report 2013Marian Merritt
 
Mobile security mobile malware countermeasure academic csirt
Mobile security mobile malware countermeasure academic csirtMobile security mobile malware countermeasure academic csirt
Mobile security mobile malware countermeasure academic csirtIGN MANTRA
 
I.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure
I.G.N. Mantra - Mobile Security, Mobile Malware,and CountermeasureI.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure
I.G.N. Mantra - Mobile Security, Mobile Malware,and CountermeasureIndonesia Honeynet Chapter
 
Smartphone User Persona Report 2015 - Malaysia (Infograph)
Smartphone User Persona Report 2015 - Malaysia (Infograph)Smartphone User Persona Report 2015 - Malaysia (Infograph)
Smartphone User Persona Report 2015 - Malaysia (Infograph)Vserv
 
Better Security Through Big Data Analytics
Better Security Through Big Data AnalyticsBetter Security Through Big Data Analytics
Better Security Through Big Data AnalyticsSymantec
 
The Internet of Security Things (A Story about Change)
The Internet of Security Things (A Story about Change) The Internet of Security Things (A Story about Change)
The Internet of Security Things (A Story about Change) Lori MacVittie
 
Mobile Internet User Distribution in Iran
Mobile Internet User Distribution in IranMobile Internet User Distribution in Iran
Mobile Internet User Distribution in Iranaminashena
 
A Rise of Citizen Application Developers
A Rise of Citizen Application DevelopersA Rise of Citizen Application Developers
A Rise of Citizen Application DevelopersAppian
 
DW 2015: Joachim Rajaram - Myanmar Digital Leapfrogging in Practice
DW 2015: Joachim Rajaram - Myanmar Digital Leapfrogging in PracticeDW 2015: Joachim Rajaram - Myanmar Digital Leapfrogging in Practice
DW 2015: Joachim Rajaram - Myanmar Digital Leapfrogging in PracticeTelenor Group
 
GroupM - Vietnam digital landscape 09/2013
GroupM - Vietnam digital landscape 09/2013GroupM - Vietnam digital landscape 09/2013
GroupM - Vietnam digital landscape 09/2013★ Duong Vo ★
 
Vietnam Digital landscape update 2013 Sep_2013_Mindshare
Vietnam Digital landscape update 2013 Sep_2013_MindshareVietnam Digital landscape update 2013 Sep_2013_Mindshare
Vietnam Digital landscape update 2013 Sep_2013_MindsharePhương Bi
 
Ict facts figures2014-e (1)
Ict facts figures2014-e (1)Ict facts figures2014-e (1)
Ict facts figures2014-e (1)Mohamed Salem
 
Consumer barometer 2015 Viet Nam
Consumer barometer 2015 Viet NamConsumer barometer 2015 Viet Nam
Consumer barometer 2015 Viet NamToan Cao
 

Tendances (18)

Green MIW 2008 Keynote
Green MIW 2008 KeynoteGreen MIW 2008 Keynote
Green MIW 2008 Keynote
 
The Mobility Challenge - Fran Rosch, SVP Mobility
The Mobility Challenge - Fran Rosch, SVP MobilityThe Mobility Challenge - Fran Rosch, SVP Mobility
The Mobility Challenge - Fran Rosch, SVP Mobility
 
The Norton Report 2013
The Norton Report 2013The Norton Report 2013
The Norton Report 2013
 
Mobile security mobile malware countermeasure academic csirt
Mobile security mobile malware countermeasure academic csirtMobile security mobile malware countermeasure academic csirt
Mobile security mobile malware countermeasure academic csirt
 
I.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure
I.G.N. Mantra - Mobile Security, Mobile Malware,and CountermeasureI.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure
I.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure
 
Smartphone User Persona Report 2015 - Malaysia (Infograph)
Smartphone User Persona Report 2015 - Malaysia (Infograph)Smartphone User Persona Report 2015 - Malaysia (Infograph)
Smartphone User Persona Report 2015 - Malaysia (Infograph)
 
Better Security Through Big Data Analytics
Better Security Through Big Data AnalyticsBetter Security Through Big Data Analytics
Better Security Through Big Data Analytics
 
The Internet of Security Things (A Story about Change)
The Internet of Security Things (A Story about Change) The Internet of Security Things (A Story about Change)
The Internet of Security Things (A Story about Change)
 
Mobile instant messaging survey 2017
Mobile instant messaging survey 2017Mobile instant messaging survey 2017
Mobile instant messaging survey 2017
 
Mobile Internet User Distribution in Iran
Mobile Internet User Distribution in IranMobile Internet User Distribution in Iran
Mobile Internet User Distribution in Iran
 
A Rise of Citizen Application Developers
A Rise of Citizen Application DevelopersA Rise of Citizen Application Developers
A Rise of Citizen Application Developers
 
DW 2015: Joachim Rajaram - Myanmar Digital Leapfrogging in Practice
DW 2015: Joachim Rajaram - Myanmar Digital Leapfrogging in PracticeDW 2015: Joachim Rajaram - Myanmar Digital Leapfrogging in Practice
DW 2015: Joachim Rajaram - Myanmar Digital Leapfrogging in Practice
 
GroupM - Vietnam digital landscape 09/2013
GroupM - Vietnam digital landscape 09/2013GroupM - Vietnam digital landscape 09/2013
GroupM - Vietnam digital landscape 09/2013
 
Mobile practice management philly bar 2014 handout
Mobile practice management philly bar 2014 handoutMobile practice management philly bar 2014 handout
Mobile practice management philly bar 2014 handout
 
Vietnam Digital landscape update 2013 Sep_2013_Mindshare
Vietnam Digital landscape update 2013 Sep_2013_MindshareVietnam Digital landscape update 2013 Sep_2013_Mindshare
Vietnam Digital landscape update 2013 Sep_2013_Mindshare
 
Apa engineering
Apa engineeringApa engineering
Apa engineering
 
Ict facts figures2014-e (1)
Ict facts figures2014-e (1)Ict facts figures2014-e (1)
Ict facts figures2014-e (1)
 
Consumer barometer 2015 Viet Nam
Consumer barometer 2015 Viet NamConsumer barometer 2015 Viet Nam
Consumer barometer 2015 Viet Nam
 

Similaire à China's Cyber Threat Landscape from the Perspective of CNCERT/CC by Zhu Yunqian [APRICOT 2015]

Avast Q1 Security Report 2015
Avast Q1 Security Report 2015Avast Q1 Security Report 2015
Avast Q1 Security Report 2015Avast
 
SparkLabs Global Wireless Industry Overview 2014
SparkLabs Global Wireless Industry Overview 2014SparkLabs Global Wireless Industry Overview 2014
SparkLabs Global Wireless Industry Overview 2014Bernard Moon
 
2015 Global Threat Intelligence Report
2015 Global Threat Intelligence Report2015 Global Threat Intelligence Report
2015 Global Threat Intelligence ReportDImension Data
 
Cyber Threat Intelligence: Highlights and Trends for 2020
Cyber Threat Intelligence: Highlights and Trends for 2020Cyber Threat Intelligence: Highlights and Trends for 2020
Cyber Threat Intelligence: Highlights and Trends for 2020DevOps.com
 
andrew milroy - top security trends and takeaways for 2013
andrew milroy - top security trends and takeaways for 2013andrew milroy - top security trends and takeaways for 2013
andrew milroy - top security trends and takeaways for 2013Graeme Wood
 
Threat predictions 2011
Threat predictions 2011 Threat predictions 2011
Threat predictions 2011 Trend Micro
 
Bitdefender mobile security for android
Bitdefender mobile security for androidBitdefender mobile security for android
Bitdefender mobile security for androidKazi Sarwar Hossain
 
NEED FOR CRITICAL CYBER DEFENCE, SECURITY STRATEGY AND PRIVACY POLICY IN BANG...
NEED FOR CRITICAL CYBER DEFENCE, SECURITY STRATEGY AND PRIVACY POLICY IN BANG...NEED FOR CRITICAL CYBER DEFENCE, SECURITY STRATEGY AND PRIVACY POLICY IN BANG...
NEED FOR CRITICAL CYBER DEFENCE, SECURITY STRATEGY AND PRIVACY POLICY IN BANG...IJMIT JOURNAL
 
Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Dell World
 
Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...
Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...
Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...DevOps Indonesia
 
Third Annual Mobile Threats Report
Third Annual Mobile Threats ReportThird Annual Mobile Threats Report
Third Annual Mobile Threats ReportJuniper Networks
 
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...Face expressions, facial features, kinect sensor, face tracking SDK, neural n...
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...iosrjce
 
Harnessing-Mobile-Internet
Harnessing-Mobile-InternetHarnessing-Mobile-Internet
Harnessing-Mobile-Interneteweinman
 
Tripwire University Boot Camp – The Shifting Landscape: Know Your Battlefield
Tripwire University Boot Camp – The Shifting Landscape: Know Your BattlefieldTripwire University Boot Camp – The Shifting Landscape: Know Your Battlefield
Tripwire University Boot Camp – The Shifting Landscape: Know Your BattlefieldTripwire
 
Internet threats and issues in korea 120325 eng_slideshare
Internet threats and issues in korea 120325 eng_slideshareInternet threats and issues in korea 120325 eng_slideshare
Internet threats and issues in korea 120325 eng_slideshareYoungjun Chang
 
Symantec Internet Security Threat Report Volume 2015
Symantec Internet Security Threat Report Volume 2015Symantec Internet Security Threat Report Volume 2015
Symantec Internet Security Threat Report Volume 2015Waqas Amir
 
Journal of Computer and System Sciences 80 (2014) 973–993Con
Journal of Computer and System Sciences 80 (2014) 973–993ConJournal of Computer and System Sciences 80 (2014) 973–993Con
Journal of Computer and System Sciences 80 (2014) 973–993Conkarenahmanny4c
 
Journal of Computer and System Sciences 80 (2014) 973–993Con.docx
Journal of Computer and System Sciences 80 (2014) 973–993Con.docxJournal of Computer and System Sciences 80 (2014) 973–993Con.docx
Journal of Computer and System Sciences 80 (2014) 973–993Con.docxcroysierkathey
 

Similaire à China's Cyber Threat Landscape from the Perspective of CNCERT/CC by Zhu Yunqian [APRICOT 2015] (20)

Avast Q1 Security Report 2015
Avast Q1 Security Report 2015Avast Q1 Security Report 2015
Avast Q1 Security Report 2015
 
SparkLabs Global Wireless Industry Overview 2014
SparkLabs Global Wireless Industry Overview 2014SparkLabs Global Wireless Industry Overview 2014
SparkLabs Global Wireless Industry Overview 2014
 
2015 Global Threat Intelligence Report
2015 Global Threat Intelligence Report2015 Global Threat Intelligence Report
2015 Global Threat Intelligence Report
 
Cyber Threat Intelligence: Highlights and Trends for 2020
Cyber Threat Intelligence: Highlights and Trends for 2020Cyber Threat Intelligence: Highlights and Trends for 2020
Cyber Threat Intelligence: Highlights and Trends for 2020
 
andrew milroy - top security trends and takeaways for 2013
andrew milroy - top security trends and takeaways for 2013andrew milroy - top security trends and takeaways for 2013
andrew milroy - top security trends and takeaways for 2013
 
Threat predictions 2011
Threat predictions 2011 Threat predictions 2011
Threat predictions 2011
 
Bitdefender mobile security for android
Bitdefender mobile security for androidBitdefender mobile security for android
Bitdefender mobile security for android
 
NEED FOR CRITICAL CYBER DEFENCE, SECURITY STRATEGY AND PRIVACY POLICY IN BANG...
NEED FOR CRITICAL CYBER DEFENCE, SECURITY STRATEGY AND PRIVACY POLICY IN BANG...NEED FOR CRITICAL CYBER DEFENCE, SECURITY STRATEGY AND PRIVACY POLICY IN BANG...
NEED FOR CRITICAL CYBER DEFENCE, SECURITY STRATEGY AND PRIVACY POLICY IN BANG...
 
Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats
 
Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...
Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...
Leveraging Vulnerability Management Beyond DPR (Discovery - Prioritization - ...
 
Third Annual Mobile Threats Report
Third Annual Mobile Threats ReportThird Annual Mobile Threats Report
Third Annual Mobile Threats Report
 
L017326972
L017326972L017326972
L017326972
 
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...Face expressions, facial features, kinect sensor, face tracking SDK, neural n...
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...
 
5 main trends in cyber security for 2020
5 main trends in cyber security for 20205 main trends in cyber security for 2020
5 main trends in cyber security for 2020
 
Harnessing-Mobile-Internet
Harnessing-Mobile-InternetHarnessing-Mobile-Internet
Harnessing-Mobile-Internet
 
Tripwire University Boot Camp – The Shifting Landscape: Know Your Battlefield
Tripwire University Boot Camp – The Shifting Landscape: Know Your BattlefieldTripwire University Boot Camp – The Shifting Landscape: Know Your Battlefield
Tripwire University Boot Camp – The Shifting Landscape: Know Your Battlefield
 
Internet threats and issues in korea 120325 eng_slideshare
Internet threats and issues in korea 120325 eng_slideshareInternet threats and issues in korea 120325 eng_slideshare
Internet threats and issues in korea 120325 eng_slideshare
 
Symantec Internet Security Threat Report Volume 2015
Symantec Internet Security Threat Report Volume 2015Symantec Internet Security Threat Report Volume 2015
Symantec Internet Security Threat Report Volume 2015
 
Journal of Computer and System Sciences 80 (2014) 973–993Con
Journal of Computer and System Sciences 80 (2014) 973–993ConJournal of Computer and System Sciences 80 (2014) 973–993Con
Journal of Computer and System Sciences 80 (2014) 973–993Con
 
Journal of Computer and System Sciences 80 (2014) 973–993Con.docx
Journal of Computer and System Sciences 80 (2014) 973–993Con.docxJournal of Computer and System Sciences 80 (2014) 973–993Con.docx
Journal of Computer and System Sciences 80 (2014) 973–993Con.docx
 

Plus de APNIC

DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGAPNIC
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119APNIC
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119APNIC
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119APNIC
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119APNIC
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119APNIC
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...APNIC
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonAPNIC
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonAPNIC
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPNIC
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6APNIC
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!APNIC
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023APNIC
 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAPNIC
 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAPNIC
 
AFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAPNIC
 

Plus de APNIC (20)

DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023
 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet development
 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment Status
 
AFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressing
 

China's Cyber Threat Landscape from the Perspective of CNCERT/CC by Zhu Yunqian [APRICOT 2015]

  • 1. China's Cybersecurity landscape from the perspective of CNCERT/CC
  • 2. OUTLINE The cybersecurity landscape of mainland China Introduction about CNCERT and responses to cybersecurity threats
  • 3. Network development Statistics (until 2014): Domain name : 21M Website :34 M netizens: 649 M mobile netizens: 557 M
  • 5. Trojans and botnets 11.1 million11.4 million 2013 2014 In 2014, a total of over 11.1 million computers were infected with trojans or botnets in mainland China, about 2.3% less than 2013.
  • 6. Massive infected computers were controlled by overseas C&C servers More than 10.8 million infected hosts were controlled by about 42 thousands trojan or botnet C&C servers located overseas.  The top 3 locations of the C&C server’s IPs were the USA (21.8% ), Hongkong(18.9%) and Korea(8.2%). The C&C servers in the USA controlled more than 3.9 million infected hosts in mainland China, which recorded the largest amount. It was followed by Portugal and Finland. USA 21.8% HongKong 18.9% Korea 8.2%Japan 4.1% India 3.3% Taiwan 3.0% Germany 2.4% Maxico 2.4% France 1.9% Russia 1.7% OTher 32.4% The distribution of Overseas C&C Servers’ IPs in 2014
  • 7. Website security Over 19 thousand overseas IPs conducted remote control on over 33 thousand websites in mainland China. In terms of their IP locations: USA (24.8%) Korea(6.7%) Hongkong(6.5%) Websites defaced : 37 thousand 1.8 thousand government websites Websites planted with backdoors: 40 thousand 1.5thousand government websites
  • 8. Large amounts of phishing pages were located overseas 99 thousand phishing webpages targeted websites in mainland China. • About 7 thousand IPs were involved. • 89.4% IPs of these phishing servers were located overseas. • 1083 IPs from USA loaded more than 10 thousand phishing pages. CNCERT received about 18 thousand reports of phishing, 31.8% of the total reports. Hongkong 15.2% Korea 1.8% USA 17.7% Taiwan 0.2% Thailand 0.5% Other 64.5% The distribution of overseas phishing servers monitored by CNCERT in 2014
  • 9. Mobile malware Over 300 third party android app stores.
  • 10. Mobile malware rose rapidly In 2014, CNCERT captured more than 951 thousand mobile malwares. We found in the last several years, the mobile malware becomes time of growth. 52 67 110 208 416 1664 6249 162981 702861 951059 0 100000 200000 300000 400000 500000 600000 700000 800000 900000 1000000 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 Statistical Trend of the mobile Malware from 2005 to 2014
  • 11. More and more hacker make mobile malware for pursuing interest. Malicious fee deduction 55.0% Fee consumption 15.3% Stealing information 12.9% Rogue behavior 9.7% Remote control 4.4% System damage 1.3% Trick and fraud 1.0% Malicious spread 0.3% Intention-based Categories of the Mobile Malware in 2014 In term of intension of the mobile malware: Malicious fee deducting (55.0%) fee consumption (15.3%) stealing information (12.9%)
  • 12. Vulnerabilities • Vulnerabilities In total 9163 16.7% • High-risky 2394 8.1% 174 214 212 225 241 176 203 183 172 200 188 206 428 429 368 413 379 316 493 341 885 977 637 366 77 56 64 48 62 61 84 57 74 68 39 47 0 200 400 600 800 1000 1200 1 2 3 4 5 6 7 8 9 10 11 12 Monthly vulnerabilities collected by CNCERT in 2014 High-risky Mid-risky Low-risky
  • 13. The process of fixing vulnerabilities is too slow to avoid risk Network administrators are too busy to handle a lot of new vulnerabilities. It should be very careful to operate on the online systems. It takes a long time to fix vulnerabilities. Both accumulated and newly occurred vulnerabilities cause serious threat to information systems.
  • 14. OUTLINE The cybersecurity landscape of mainland China Introduction about CNCERT and responses to cybersecurity threats
  • 15. National Level CERT of China • Non-governmental and non-profit cybersecurity technical center under MIIT (Ministry of Industry and Information Technology of the People’s Republic of China ) • Single point of contact in mainland China for national CERTs • Key coordination team for China’s cybersecurity emergency response community 2002.9
  • 16. EARLY WARNING Received(2014): 800+information report partners domestic Released(2014): 264 reports Landscape presentation Annual meeting 52 weekly reports in English 1 annual report in English Content of report include: cybersecurity threats notification, incidents analysis, national landscape analysis, technical assistance ,etc.
  • 17. Emergency Response Accepted 56180 incidents complaint Handled 56072 incidents Increase the governance intensity of the Internet environment and restrain malicious codes Taken down 744 large scale Botnets protect 982,000 infected hosts removed 8644 malicious apps
  • 18. CNCERT has established partnership with 144 organizations in 63countries or regions CNCERT International Cooperation Partnership INTERNATIONAL COOPERATION