Weekly security information

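1 Government initiatives
1 Xi Jinping outlines the grand strategy for cyberspace affairs: without cybersecurity there is no national security
The national conference of directors of cyberspace administration offices was recently held in Beijing.
The meeting stressed the need to study and implement in depth the spirit of General Secretary Xi Jinping's series of important speeches and his new concepts, ideas and strategies for governance; to firmly establish political awareness, awareness of the overall situation, awareness of the core and awareness of alignment; to do solid work on cyberspace affairs in 2017; to foster a healthy climate of online public opinion; and to provide strong cybersecurity guarantees and informatization support. Since the 18th National Congress, General Secretary Xi Jinping has attached great importance to "the network" and to "cybersecurity and informatization work". On many occasions he has made important statements on the development of China's cyberspace affairs, pointing the way for China to build itself into a "cyber power".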
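2 China plans to draw up Regulations on the Online Protection of Minors
The Regulations on the Online Protection of Minors (Draft for Review) were recently made public.
The draft provides that anyone who cyberbullies a minor will, where the conduct constitutes a crime, be held criminally liable in accordance with the law. The draft states that no organization or individual may threaten, insult, attack or harm minors online through text, images, audio, video or other forms. Guardians of minors, schools, and other organizations and individuals who discover that a minor is being harmed by cyberbullying should promptly take measures to help and, where necessary, report to the public security organs or other relevant departments; the unit receiving the report should handle it promptly. Families, schools and society all have a responsibility to prevent and intervene in minors' internet addiction; minors are prohibited from using online game services between 0:00 and 8:00 each day; using minors' online personal information requires the consent of the minor or the guardian, with violators facing fines of up to 500,000 yuan.
Data show that China's young internet users (under 19) currently account for about 23% of all internet users, reaching 160 million. 90.1% of minors use the internet; minors are gradually becoming the main force among internet users and are deeply influenced by the internet.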
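3 US Department of Energy warns: beware of hacker attacks on the power grid
The US Department of Energy (DOE) issued a warning on January 6 that the national grid may be facing an "imminent" danger of being attacked by hackers. In a 494-page report, the DOE pointed out that the power system sustains the lifelines of millions of Americans, critical defense infrastructure and the economy, that the cyber-defense security of the power system is currently very worrying, and that the danger is "imminent".
If an attack launched by hackers were to break through the power system and paralyze the grid, it would affect the personal safety and health of millions of Americans. In addition, natural gas pipelines also play an important role in the nation's power system. Natural gas pipelines could likewise malfunction under a cyberattack, which would cause serious problems for related infrastructure and endanger the reliability of the national grid.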
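4 Pushing the cybersecurity classified protection system toward faster implementation
On January 6, the "2017 China Trusted Computing and Cybersecurity Classified Protection Summit Forum", jointly hosted by the Third Research Institute of the Ministry of Public Security, the Computer Security Committee of the China Computer Federation and the Zhongguancun Trusted Computing Industry Alliance, was held in Beijing. Officials from the competent information security authorities and leading experts and scholars in the field said that trusted computing technology plays a vital role in raising the level of classified protection of important information systems, and that the information security classified protection system, which focuses on protecting the security of the nation's critical information infrastructure, is being implemented in depth.
During the 13th Five-Year Plan period, the CPC Central Committee and the State Council have given greater weight to cybersecurity, and the Outline of the 13th Five-Year Plan for National Economic and Social Development explicitly calls for further "improving the classified protection system for important information systems". Article 21 of the recently promulgated Cybersecurity Law provides that the state implements a cybersecurity classified protection system; Article 31 provides that the state gives priority protection to critical information infrastructure on the basis of the cybersecurity classified protection system.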
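5 US military to study how to guard networked nuclear weapons against hacker intrusion
According to US media reports, the United States will develop a new generation of networked nuclear weapons systems and at the same time address how networked nuclear weapons systems can be protected against hacker attacks. Werner Dahm, chairman of the US Air Force Scientific Advisory Board, said recently that some US nuclear weapons systems need to be replaced, including the new B-21 stealth bomber, a new generation of intercontinental ballistic missiles and long-range cruise missiles. President-elect Trump had earlier also said that he would expand and strengthen the US nuclear arsenal.
Werner Dahm revealed that the new generation of nuclear weapons systems will be very different from their "predecessors": they will be networked with other combat systems. Although this network is not the public internet, it still poses new security challenges. For example, nuclear weapons systems could be intruded upon by hackers, which means the US Department of Defense's current nuclear weapons safety directives must be revised and supplemented.
The US Air Force Scientific Advisory Board recently announced that its task in 2017 will be to study the security of future networked nuclear weapons, and to propose solutions for guarding against security vulnerabilities before the replacement of nuclear weapons systems begins.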
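2 Cybersecurity incidents
1 US releases newly declassified report: "Putin ordered interference in the US election"
On the 6th, the three major US intelligence agencies, the CIA, the FBI and the NSA, released a newly declassified report accusing Russian President Putin of ordering cyberattacks to influence the US election. The report says that Russian military intelligence directed hackers to attack the email servers of the Democratic National Committee and several senior Democratic figures, and leaked the email contents to third parties such as WikiLeaks. The report says the Russian operation also included a large propaganda campaign. Through state media and online "trolls", the Russian government spread negative news and "fake news" denigrating the Democratic candidate, former Secretary of State Hillary Clinton, in traditional and social media.
The report does not say by what means US intelligence agencies collected the relevant evidence, nor does it present that evidence. Nor does the report assess whether Russia's actions affected the outcome of the US election.
Russia has not yet responded to this latest report by US intelligence agencies, and Hillary Clinton and her team have not commented on it either. After being briefed by the intelligence agencies on the 6th, Trump said he would task a special team with drawing up a plan for guarding against cyberattacks within 3 months of his taking office. On the 6th Trump again reiterated that the Russian operation had "absolutely no" effect on the election outcome.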
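2 US Federal Trade Commission sues D-Link for selling insecure routers and cameras
The US Federal Trade Commission (FTC) on Thursday filed a complaint (PDF) in federal court in San Francisco against Taiwan's D-Link, alleging that D-Link's routers and network cameras leave thousands of consumers at risk of being hacked. In the complaint the FTC says that the defendant repeatedly failed to take reasonable software testing and remediation measures to protect its routers and network cameras against well-known and easily preventable security flaws, such as backdoors in the form of hard-coded user credentials, and command injection flaws, which allow remote attackers to take control of consumers' devices. The FTC also alleges that D-Link stored user login credentials in plaintext.
In response, D-Link denied the FTC's allegations and said it was "taking steps to defend the action". The FTC's suit has now been filed in a district court in North Carolina, seeking an injunction on the sale of D-Link products.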
3 Google's Brazilian site hit by a domain hijacking attack
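According to foreign media reports, Google's Brazilian domain was hijacked: users visiting Google's Brazilian site were shown not the "Google" logo but a Japanese manga image accompanied by a passage of English text.
Google quickly stepped in to investigate and established that the Google domain itself had not been compromised; rather, a local DNS service provider in Brazil had been compromised and its DNS server configuration tampered with. Researchers found that the hackers had altered the configuration of the DNS resolvers for that region so that the address "google.com.br" resolved to was redirected; this kind of attack is called a "domain hijacking attack". Google immediately informed the local provider of the findings and urged it to make an emergency fix; 30 minutes later the DNS server problem was fixed and users could again reach Google pages.
Domain hijacking attacks should not be underestimated. The potential threats are as follows:
(1) Once a user's requests are forcibly redirected to links set up by the hackers, the user is exposed to malicious-code attacks on entering those pages. Hackers often lure users into downloading fake software update packages with malicious code planted in them, thereby completing the attack;
(2) The attacker can also hijack the user's email and steal the information in it;
(3) By standing up an impersonating SMTP (or IMAP, IMAPS) server, the attacker can steal the user's credentials while the user is authenticating.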
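The resolver-level tampering described above can be caught by comparing what each resolver returns for a watched name against a pinned baseline. The following Python check is an added example, not part of the original digest; the resolver labels, the baseline prefix and the answers are constructed, with RFC 5737 documentation addresses standing in for real ones.

```python
import ipaddress

# Constructed baseline: prefixes the watched name is expected to resolve into.
# An RFC 5737 documentation range stands in for the operator's real networks.
EXPECTED_PREFIXES = {
    "google.com.br": [ipaddress.ip_network("192.0.2.0/24")],
}

# Constructed observations: (resolver label, queried name, A records returned).
OBSERVATIONS = [
    ("resolver-a", "google.com.br", ["192.0.2.10", "192.0.2.11"]),
    ("resolver-b", "google.com.br", ["192.0.2.11"]),
    ("regional-isp", "google.com.br", ["203.0.113.66"]),  # tampered answer
    ("resolver-c", "google.com.br", ["192.0.2.10"]),
]


def in_baseline(name, address):
    """True if the address falls inside a prefix expected for this name."""
    ip = ipaddress.ip_address(address)
    return any(ip in net for net in EXPECTED_PREFIXES.get(name, []))


def find_hijacked_resolvers(observations):
    """Return one finding per resolver whose answers leave the baseline.

    Each finding also records whether most other resolvers still agree with
    the baseline. That separates a tampered resolver (the case in the
    article) from a change that is visible everywhere.
    """
    findings = []
    for resolver, name, answers in observations:
        rogue = sorted(a for a in answers if not in_baseline(name, a))
        if not rogue:
            continue
        others = [o for o in observations if o[1] == name and o[0] != resolver]
        clean = sum(all(in_baseline(name, a) for a in o[2]) for o in others)
        local = bool(others) and clean > len(others) / 2
        findings.append({
            "resolver": resolver,
            "name": name,
            "unexpected": rogue,
            "scope": "resolver-local" if local else "widespread",
        })
    return findings


if __name__ == "__main__":
    for f in find_hijacked_resolvers(OBSERVATIONS):
        print(f"{f['name']} via {f['resolver']}: "
              f"unexpected {f['unexpected']} ({f['scope']})")
```

A "resolver-local" finding points at the resolver operator, as in the incident above; "widespread" means the baseline or the zone itself needs checking first.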
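4 Cybercriminals lure UK schools into installing ransomware
The Action Fraud "cybercrime reporting centre" has warned UK educational institutions that cybercriminals making unsolicited contact may pose as government officials to lure them into installing ransomware on their systems. The scam begins with a fraudulent phone call to the educational institution, in which the caller claims to be an official from the "Department of Education"; after asking the victim for the email address or mobile number of the teacher/financial administrator, the caller claims to need to provide the head teacher with some form of mental health assessment or guidance.
Victims who are insufficiently wary can easily fall into the trap and be tricked into handing over detailed personal contact information. The criminals will also claim that "because the files contain sensitive information, the school-provided inbox should generally not be used".
Next, they send an email containing a .zip attachment (possibly disguised as a Word or Excel document). Once the malicious code is activated, ransomware is installed on the victim's computer and the files on the device are encrypted.
According to Action Fraud, the criminals demand a ransom of up to 8,000 pounds (9,828 US dollars) to unlock the files.
The scam is not hard to see through, because the official name of the UK's education ministry is "Department for Education", not "of".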
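5 FBI website breached; hacker taunts after data is published
Recently the FBI website, billed as the most secure ever, was embarrassed by a hacker: the site was breached and its data published directly online. The leaked data include FBI website usernames, email addresses, passwords hashed with the SHA1 algorithm, and the salts used in the hashing.
The intruder, CyberZeist, mainly exploited a zero-day vulnerability in the CMS (content management system) used by the FBI website; that system, named Plone, is widely regarded as the most secure CMS ever.
CyberZeist is reported to have once been a member of the hacker group Anonymous and is "notorious" in the industry. He had previously also breached Barclays, Tesco Bank and the UK's MI5.
CyberZeist even launched a public poll on Twitter to decide the next target: government organizations, banking institutions, the military, or other. One can almost hear his inner roar: "Who else!?"
Experts warn: as long as the vulnerability remains unpatched, every website using the system may face the same risk, including the EU's network and information security agency and the Intellectual Property Rights Coordination Center, among others.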
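3 Data and statistics
1 High-risk vulnerability fix rate on government websites reaches 90%
Recently the 360 Internet Security Center released its "2016 Analysis Report on the Website Security Vulnerability Situation in China", which says that, against a backdrop of an 80% surge in high-risk website vulnerabilities and an average vulnerability fix rate of only 42.9%, government websites nevertheless had a vulnerability fix rate of 77.1% and a high-risk vulnerability fix rate of 90%, ranking first among the five major website types. By contrast, the fix rates for social organization, personal and corporate websites urgently need to improve: 45.5% for corporate websites, 40.1% for personal websites and 38.3% for social organization websites.
This shows that, with "cybersecurity" now a national strategy, government bodies at all levels in China attach unprecedented importance to website security.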
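2 IT/internet sector has the most website vulnerabilities; government websites have the highest fix rate
Among corporate websites in ten key sectors, including IT/internet, finance, education and training, automotive and transport, manufacturing, and telecom operators, IT/internet sector websites had the most reported vulnerabilities, accounting for 23.5%.
It is expected that, as the Cybersecurity Law is implemented in 2017, website security protection will continue to be strengthened across all sectors.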
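3 Android named "2016 king of vulnerabilities"
According to the 2016 CVE Details report published by the site that aggregates CVE data:
Android tops the product vulnerability count with 523 vulnerabilities, a first place in every sense. Adobe, for its part, remains the top seed, continuing to rank first among software vendors with 1,383 vulnerabilities.
Of course, besides our champion Android, the runner-up Debian Linux (319) and third-placed Ubuntu Linux (278) also deserve attention; many of their vulnerabilities stem from problems already present in certain third-party packages.
In the statistics by software vendor, Adobe's 1,383 vulnerabilities are naturally unmatched, followed closely by the next three: Microsoft (1,325), Google (695) and Apple (611).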