Rising releases enterprise security report: companies resort to hackers in cutthroat competition

by md5896ds on 2012-02-08 15:31:45

Sina Technology News, February 8th afternoon: Rising today released the "Rising 2011 Annual Enterprise Security Report". The report summarizes the enterprise security situation in 2011: education, online game and government websites were the three most vulnerable types of websites; 65% of the IP addresses attacking enterprise websites came from overseas; malicious competition between enterprises began to involve hired hackers, significantly increasing security risks for entire industries; and industrial control systems and mobile smart devices became major routes for hackers to attack enterprises.

Rising stated that malicious competition among domestic enterprises has extended into the hacker domain. Taking the attack on Baihe.com as an example (Baihe.com claimed that one of its partner websites was attacked, not Baihe.com itself), a competitor directly hired hackers to launch a DDoS attack that rendered the targeted website inaccessible, causing economic losses of up to 1.12 million yuan. The two hackers and their employers have been arrested. Similar cases of mutual attacks driven by malicious competition between enterprises increased significantly in 2011.

According to data provided by Rising, 199,665 corporate websites were successfully intruded upon in 2011 (counted by pages). Educational and research websites, online game-related websites, and government websites were the three types most often attacked and implanted with malware, accounting for 31%, 19%, and 15% of the total respectively.

The report notes that in 2011 almost all Internet companies encountered security incidents such as penetration testing, vulnerability scanning, and internal network structure analysis. Among them, the proportion of companies where hackers successfully obtained some level of privileges exceeded 80%. In a sampling test conducted by Rising on websites with more than 10,000 IP visits per day, operated by Hangzhou network companies, 75% had more than 10 serious vulnerabilities, leaving these websites extremely exposed to hacker attacks.

In the traditional enterprise sector, the majority of enterprise internal networks experienced security incidents. More than 50% encountered malicious code (viruses, trojans, etc.) intrusions, 35% experienced hacker attacks and infiltration, and 10% suffered phishing website attacks and other forms of security incidents.

According to the statistics, at least 65% of the IP addresses attacking Chinese enterprises came from abroad, with the United States, Japan, and South Korea being the top three sources of attacking IPs. Among all attacked enterprises and organizations, those involved with national secrets and financial security, such as government agencies, confidential units, scientific research institutions, and financial institutions, faced hacker attacks of higher technical sophistication and greater frequency than ordinary enterprises.

For the small number of high-level, confidential networks and units in China, 2011 was an even more dangerous year. Attacks from foreign IPs continued unabated, and security issues exposed in databases, industrial automation control systems, and mobile terminal devices also posed serious risks to these units.

Among the high-level confidential networks examined by Rising, common security issues included XSS vulnerabilities, improperly configured file read/write permissions, leakage of sensitive information, and weak passwords. In particular, weak passwords and sensitive information leakage were present in over 90% of enterprise local area networks.

Regarding the "data breach attack" (the CSDN password leak incident) that caused a significant impact in 2011, the Rising report provides a detailed analysis: how a "data breach" attack is carried out, what website administrators should pay attention to, and the damage such attacks cause are all elaborated in the report.

The Rising report points out that attacked enterprises fall into various types. After a successful "data breach," hackers process the database further and sell it to interested parties according to its usefulness and the amount of information it exposes; the ways the data is then exploited differ by type. The report analyzes in detail the consequences faced by six major categories of entities after a data breach attack: media websites, SNS websites, e-commerce websites, travel and hotel websites, securities and banking websites, and enterprise internal networks.

The Rising report advises enterprises to adopt the following four measures to enhance the security protection level of enterprise websites and internal networks:

1. Conduct a security risk assessment to understand the sources of the threats the enterprise faces.

2. After the risk assessment, quickly develop and implement solutions for urgent problems within a short period, organized and executed at the company level.

3. Plan security risk strategies according to the characteristics of the industry. For example, the primary dangers faced by online game enterprises are DDoS attacks and user data theft, so setting conditions on in-game item transactions and manually reviewing disputes can reduce the impact of stolen accounts.

4. Establish a strict permission management system and data review mechanism to prevent malicious intrusions by former employees and unauthorized attempts by low-privilege employees to access data beyond their authority. (Lin Ming)
