59 Figure 2-6 The distribution of overseas IPs that planted backdoors
to Chinese websites in 2014
2.4. Mobile Awareness
In 2014, CNCERT collected about 951.1 thousand mobile malware samples in total. In terms of intentions of these mobile malware, the malicious fee-deducting
malware continued to take the first place 55.0, fee consumption 15.3 stood the second place. And followed it were those intended for stealing information and
Rogue behavior accounting for 12.9and 9.7 respectively.
Figure 2-7 Intention-based Categories of the Mobile Malware in 2014
Malicious fee deduction
55.0
Fee consumption
15.3 Stealing
information 12.9
Rogue behavior
9.7 Remote
control 4.4
System damage
1.3 Trick and
fraud 1.0
Malicious spread
0.3
Intention-based Categories of the Mobile Malware in 2014
60 The majority of these mobile malware identified by CNCERT ran on Android
platform, recording about 949.8 thousand 99.9.
3.
Events organizedco-organized
3.1. Conferences
The issue of “A Review of Network Security Situation in 2013” CNCERT gave a press conference on 2013’s Network Security Situation in Beijing
on 28th March, 2014, introducing the overall picture and main features of China’s network security in 2013. Specialists and representatives from 47 organizations
including governmental agencies, operation departments of important information system, telecom operators, domain registrars, Industry Associations, Internet
companies and security companies attended this conference. This situation report, which was with distinctive industry characteristics and technical features, outlined
the characteristics for Chinas Internet network security threats in 2013, looked forward to threats of much concern in 2014 and made a number of suggestions.
The hold of 2014 Annual Chinese Conference on Computer and Network Security in Shantou, Guangdong Province
CNCERT held 2014 Annual Chinese Conference on Computer and Network Security in Shantou Guangdong on 28th May, 2014. The theme of the conference is
Collaborative Protection for Safe Future. Sub-Forums had been set up according to the four subjects: the security of mobile Internet in 4G era, protection of
personal information and defense of APT attack, security of key infrastructures and network security academic forum of CNCERT-CIE. More than 600 representatives
from governments, important information systems departments, industries and enterprises, universities, research institutes and other organizations attended the
meeting. The hold of the second China-Japan-Korea Annual Meeting for Cyber Security
Incident Response The operational level delegates of the national CERTsCSIRTs Computer
Emergency Response Teams Computer Security Incident Response Teams of China, Japan and Korea, gathered in Seoul, Korea to hold the second
China-Japan-Korea Annual Meeting for Cyber Security Incident Response from
61 August 21st to 22nd , 2014 . The Parties reviewed handling and prevention efforts
made in responding to serious security incidents. The technical experts from three sides exchanged latest information on cyber security threats at the meeting. Three
parties reiterated their evaluation for the handling cases of major security incidents and further research in each other’s ability and methods of incidents
handling, which will strengthen the cooperation among the three parties. Three parties reached the consensus that they will make contributions to improving the
global network environment by supporting the establishment of information sharing protocols, scope and criteria for network risk assessment.
The hold of The 6th China-ASEAN Network Security Seminar in Shantou CNCERT organized the 6th China-ASEAN Network Security Seminar in Shantou,
China from May 27 to May 29, 2014. Delegates from the telecom department of government and CERTs in Cambodia, Indonesia, Lao, Myanmar, the Philippines,
Thailand and Viet Nam attended this conference. They exchanged development, technology and management experience in the field of network security and
discussed how to conduct cooperation on network security emergency responding between China and ASEAN.
4.
Drill attended APCERT Incident Drill 2014
CNCERT participated in the APCERT 2014 Drill as a participant on 19 February 2014 and completed it successfully.
The theme of the APCERT Drill 2014 was Countering Cyber-ops cyber operations with Regional Coordination. The focus of the drill is to prevent attackers from
launching DDOS attack against a Government Department information system through collaboration between CSIRT-CERT locally and internationally.
This walkthrough is designed to test the participating teams’ incident response handling arrangements. The CSIRT teams from 16 economies of APCERT took part
in the exercise. ASEAN CERT Incident Drill ACID 2014
CNCERT participated in the ASEAN CERT Incident Drill ACID 2014 on September 24th and completed it successfully. According to the scenario, the
62 participants played the Hacker and the Incident Responder roles. The Hacker
role was involved in compromising actions and the Incident Responder was involved in detection, investigation of various attack and the response procedures.
5.
Achievements CNCERT’s weekly, monthly and annual reports, as well the other released
information, were reprinted and quoted by massive authoritative media and thesis home and abroad.
Figure 4-1 lists of CNCERT’s publications throughout 2013. Name
Issues Description Weekly Report of CNCERT
Chinese 52
Emailed to over 400 organizations and individuals and published on
CNCERT’s Chinese-version website http:www.cert.org.cn
Weekly Report of CNCERT English
52 Emailed to relevant organizations and
individuals and published on CNCERT’s English-version website
http:www.cert.org.cnenglish_webdo cuments.htm
CNCERT Monthly Report Chinese
12 Issued to over 400 organizations and
individuals on regular basis and published on CNCERT’s website
http:www.cert.org.cn Annual Report Chinese
1 Published on CNCERT’s website
http:www.cert.org.cn CNVD Vulnerability Weekly
Report Chinese 52
Published on CNCERT’s website http:www.cert.org.cn
Articles Analyzing Cybersecurity Threat
32 Published on journals and magazines.
63
EC-CERT Taiwan E-Commerce Computer Emergency Response Team - Chinese Taipei
1.
About EC-CERT
1.1. Introduction