59 Figure 2-6 The distribution of overseas IPs that planted backdoors to Chinese websites in 2014

2.4. Mobile Awareness

In 2014, CNCERT collected about 951.1 thousand mobile malware samples in total. In terms of intentions of these mobile malware, the malicious fee-deducting malware continued to take the first place 55.0, fee consumption 15.3 stood the second place. And followed it were those intended for stealing information and Rogue behavior accounting for 12.9and 9.7 respectively. Figure 2-7 Intention-based Categories of the Mobile Malware in 2014 Malicious fee deduction 55.0 Fee consumption 15.3 Stealing information 12.9 Rogue behavior 9.7 Remote control 4.4 System damage 1.3 Trick and fraud 1.0 Malicious spread 0.3 Intention-based Categories of the Mobile Malware in 2014 60 The majority of these mobile malware identified by CNCERT ran on Android platform, recording about 949.8 thousand 99.9. 3. Events organizedco-organized

3.1. Conferences

The issue of “A Review of Network Security Situation in 2013” CNCERT gave a press conference on 2013’s Network Security Situation in Beijing on 28th March, 2014, introducing the overall picture and main features of China’s network security in 2013. Specialists and representatives from 47 organizations including governmental agencies, operation departments of important information system, telecom operators, domain registrars, Industry Associations, Internet companies and security companies attended this conference. This situation report, which was with distinctive industry characteristics and technical features, outlined the characteristics for Chinas Internet network security threats in 2013, looked forward to threats of much concern in 2014 and made a number of suggestions. The hold of 2014 Annual Chinese Conference on Computer and Network Security in Shantou, Guangdong Province CNCERT held 2014 Annual Chinese Conference on Computer and Network Security in Shantou Guangdong on 28th May, 2014. The theme of the conference is Collaborative Protection for Safe Future. Sub-Forums had been set up according to the four subjects: the security of mobile Internet in 4G era, protection of personal information and defense of APT attack, security of key infrastructures and network security academic forum of CNCERT-CIE. More than 600 representatives from governments, important information systems departments, industries and enterprises, universities, research institutes and other organizations attended the meeting. The hold of the second China-Japan-Korea Annual Meeting for Cyber Security Incident Response The operational level delegates of the national CERTsCSIRTs Computer Emergency Response Teams Computer Security Incident Response Teams of China, Japan and Korea, gathered in Seoul, Korea to hold the second China-Japan-Korea Annual Meeting for Cyber Security Incident Response from 61 August 21st to 22nd , 2014 . The Parties reviewed handling and prevention efforts made in responding to serious security incidents. The technical experts from three sides exchanged latest information on cyber security threats at the meeting. Three parties reiterated their evaluation for the handling cases of major security incidents and further research in each other’s ability and methods of incidents handling, which will strengthen the cooperation among the three parties. Three parties reached the consensus that they will make contributions to improving the global network environment by supporting the establishment of information sharing protocols, scope and criteria for network risk assessment. The hold of The 6th China-ASEAN Network Security Seminar in Shantou CNCERT organized the 6th China-ASEAN Network Security Seminar in Shantou, China from May 27 to May 29, 2014. Delegates from the telecom department of government and CERTs in Cambodia, Indonesia, Lao, Myanmar, the Philippines, Thailand and Viet Nam attended this conference. They exchanged development, technology and management experience in the field of network security and discussed how to conduct cooperation on network security emergency responding between China and ASEAN. 4. Drill attended APCERT Incident Drill 2014 CNCERT participated in the APCERT 2014 Drill as a participant on 19 February 2014 and completed it successfully. The theme of the APCERT Drill 2014 was Countering Cyber-ops cyber operations with Regional Coordination. The focus of the drill is to prevent attackers from launching DDOS attack against a Government Department information system through collaboration between CSIRT-CERT locally and internationally. This walkthrough is designed to test the participating teams’ incident response handling arrangements. The CSIRT teams from 16 economies of APCERT took part in the exercise. ASEAN CERT Incident Drill ACID 2014 CNCERT participated in the ASEAN CERT Incident Drill ACID 2014 on September 24th and completed it successfully. According to the scenario, the 62 participants played the Hacker and the Incident Responder roles. The Hacker role was involved in compromising actions and the Incident Responder was involved in detection, investigation of various attack and the response procedures. 5. Achievements CNCERT’s weekly, monthly and annual reports, as well the other released information, were reprinted and quoted by massive authoritative media and thesis home and abroad. Figure 4-1 lists of CNCERT’s publications throughout 2013. Name Issues Description Weekly Report of CNCERT Chinese 52 Emailed to over 400 organizations and individuals and published on CNCERT’s Chinese-version website http:www.cert.org.cn Weekly Report of CNCERT English 52 Emailed to relevant organizations and individuals and published on CNCERT’s English-version website http:www.cert.org.cnenglish_webdo cuments.htm CNCERT Monthly Report Chinese 12 Issued to over 400 organizations and individuals on regular basis and published on CNCERT’s website http:www.cert.org.cn Annual Report Chinese 1 Published on CNCERT’s website http:www.cert.org.cn CNVD Vulnerability Weekly Report Chinese 52 Published on CNCERT’s website http:www.cert.org.cn Articles Analyzing Cybersecurity Threat 32 Published on journals and magazines. 63 EC-CERT Taiwan E-Commerce Computer Emergency Response Team - Chinese Taipei 1. About EC-CERT

1.1. Introduction