ahojunk
RETIRED INTL MOD
- Joined
- Nov 17, 2014
- Messages
- 5,118
- Reaction score
- 6
- Country
- Location
Qihoo 360 to Work with International Vulnerability Platforms to Build a Global White Hat Collaboration Mechanism
(People's Daily Online) 10:32, February 14, 2017
(Photo: Courtesy of Qihoo 360)
China’s leading Internet security company Qihoo 360 Enterprise Security Group will discuss with the world’s well-known vulnerability response platforms to jointly build an international white hat collaboration mechanism during the RSA Conference.
Under such mechanism, vulnerability response platforms shall cooperate in such aspects as vulnerability response, security testing and others to cope with the worldwide cyber attacks and the increasingly rampant global data breach and data trafficking, according to Qihoo 360.
Bai Jian, a head of Qihoo 360’s Butian Vulnerability Response Platform, revealed that Butian Platform has held several discussions with three well-known vulnerability platforms and the parties will also make in-depth consultations during the RSA Conference.
“We will cooperate on security test, vulnerability notification, etc., and sign the memorandum of understanding on cooperation at a right timing,” Bai said.
The Beijing-based company called to strengthen cooperation and collaboration between the vulnerability platforms of different countries and combine the respective technological advantages of Chinese and Western hackers, to effectively enhance security capabilities of websites. More extensive and timely vulnerability response conducive to the realization of technology and talent sharing will greatly promote the global Internet security capabilities.
The vulnerability platforms from different countries each pool a large team of white hat hackers, according to Qihoo 360.
The number of white hat hackers registered on the Butian Platform has reached more than 30,000, and the vulnerability platforms in the U.S. have issued bonuses to nearly 10,000 white hats hackers.
Due to the huge number of Internet users and the complex network environment, all countries also become the victims of cyber attacks and other criminal acts while benefiting from the Internet, said Qihoo 360 Enterprise Security Group President Wu Yunkun.
“Only through extensive international cooperation to create a comprehensive, wide-ranging, multi-level, effective coordination mechanism can we effectively curb the increasingly rampant, borderless cyber attacks and other criminal activities,” Wu said.
Cyber attacks facing China are characterized of obvious globalization features, warned the latest “2016 China Website Security Vulnerability Analysis Report” by 360 Internet Security Center.
As of November 15, 2016, Qihoo 360’s Internet Security software has blocked 1.71 billion various website vulnerability attacks, and in the full year, the number of websites that suffered vulnerability attacks reached 636,000. Among them, the overseas attackers accounted for 23.4%, and victims with IPs from outside of China accounted for 33.1%.
Similarly, according to the “2015 Network Security Report” issued by the National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT or CNCERT/CC) , Anonymous and other overseas hack organizations has been continuously attacking sites in China.
In 2015 alone, among IP addresses that implemented backdoor attacks to sites in China, 31,348 were located outside of China, mainly from the U.S. (13.9%) and South Korea (6.0%) and other countries and regions.
Wu said cyber attacks from different countries are technically both interlinked and diversified. The resulting cyber criminal industry chain has also become borderless.
“For example, it has become common for cybercriminal gangs from China to set up phishing websites in Europe and the U.S. and then return to China for fraud through strict teamwork,” Wu said.
From illegal drugs to weapons, all kinds of network databases are almost all available in the dark web market.
In a recent list exposed, a well-known dark web provider called “DoubleFlag” was selling user data stolen from a number of Chinese Internet companies, and the amount of data was up to 1 billion, mainly from Tencent, Netease, Sina and other local Internet companies.
In the same list, DoubleFlag also provided user data stolen from other countries such as Japan, of which the account leaked from the three Yahoo domain names alone totaled 23.59 million.
Data sales trends in the dark web market began to emerge from 2016, and some data providers provided data from a number of key companies, including Twitter, LinkedIn, MySpace, and Dropbox.
Over the past few months, the amount of databases uploaded and sold by DoubleFlag was huge. Moreover, it began selling other information that is unique and highly sensitive, and even attractive to intelligence agencies around the world, including data stolen from the US-based Cellular Corporation, which owns and operates the fifth largest telecommunications network in the U.S. and provides services for 4.9 million customers in 426 major markets across 23 states in the country, containing information like names, addresses, cities, states and cell numbers of 130 million Americans.
While among the vulnerabilities recorded by the 360 Butian Platform in 2015, more than 1,400 could cause personal information leakage, which may leak as many as 5.53 billion pieces of information.
In 2016, it collected more than 300 new vulnerabilities that may lead to personal information leakage, which may leak as many as more than 5 billion pieces of personal information.
(People's Daily Online) 10:32, February 14, 2017
(Photo: Courtesy of Qihoo 360)
China’s leading Internet security company Qihoo 360 Enterprise Security Group will discuss with the world’s well-known vulnerability response platforms to jointly build an international white hat collaboration mechanism during the RSA Conference.
Under such mechanism, vulnerability response platforms shall cooperate in such aspects as vulnerability response, security testing and others to cope with the worldwide cyber attacks and the increasingly rampant global data breach and data trafficking, according to Qihoo 360.
Bai Jian, a head of Qihoo 360’s Butian Vulnerability Response Platform, revealed that Butian Platform has held several discussions with three well-known vulnerability platforms and the parties will also make in-depth consultations during the RSA Conference.
“We will cooperate on security test, vulnerability notification, etc., and sign the memorandum of understanding on cooperation at a right timing,” Bai said.
The Beijing-based company called to strengthen cooperation and collaboration between the vulnerability platforms of different countries and combine the respective technological advantages of Chinese and Western hackers, to effectively enhance security capabilities of websites. More extensive and timely vulnerability response conducive to the realization of technology and talent sharing will greatly promote the global Internet security capabilities.
The vulnerability platforms from different countries each pool a large team of white hat hackers, according to Qihoo 360.
The number of white hat hackers registered on the Butian Platform has reached more than 30,000, and the vulnerability platforms in the U.S. have issued bonuses to nearly 10,000 white hats hackers.
Due to the huge number of Internet users and the complex network environment, all countries also become the victims of cyber attacks and other criminal acts while benefiting from the Internet, said Qihoo 360 Enterprise Security Group President Wu Yunkun.
“Only through extensive international cooperation to create a comprehensive, wide-ranging, multi-level, effective coordination mechanism can we effectively curb the increasingly rampant, borderless cyber attacks and other criminal activities,” Wu said.
Cyber attacks facing China are characterized of obvious globalization features, warned the latest “2016 China Website Security Vulnerability Analysis Report” by 360 Internet Security Center.
As of November 15, 2016, Qihoo 360’s Internet Security software has blocked 1.71 billion various website vulnerability attacks, and in the full year, the number of websites that suffered vulnerability attacks reached 636,000. Among them, the overseas attackers accounted for 23.4%, and victims with IPs from outside of China accounted for 33.1%.
Similarly, according to the “2015 Network Security Report” issued by the National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT or CNCERT/CC) , Anonymous and other overseas hack organizations has been continuously attacking sites in China.
In 2015 alone, among IP addresses that implemented backdoor attacks to sites in China, 31,348 were located outside of China, mainly from the U.S. (13.9%) and South Korea (6.0%) and other countries and regions.
Wu said cyber attacks from different countries are technically both interlinked and diversified. The resulting cyber criminal industry chain has also become borderless.
“For example, it has become common for cybercriminal gangs from China to set up phishing websites in Europe and the U.S. and then return to China for fraud through strict teamwork,” Wu said.
From illegal drugs to weapons, all kinds of network databases are almost all available in the dark web market.
In a recent list exposed, a well-known dark web provider called “DoubleFlag” was selling user data stolen from a number of Chinese Internet companies, and the amount of data was up to 1 billion, mainly from Tencent, Netease, Sina and other local Internet companies.
In the same list, DoubleFlag also provided user data stolen from other countries such as Japan, of which the account leaked from the three Yahoo domain names alone totaled 23.59 million.
Data sales trends in the dark web market began to emerge from 2016, and some data providers provided data from a number of key companies, including Twitter, LinkedIn, MySpace, and Dropbox.
Over the past few months, the amount of databases uploaded and sold by DoubleFlag was huge. Moreover, it began selling other information that is unique and highly sensitive, and even attractive to intelligence agencies around the world, including data stolen from the US-based Cellular Corporation, which owns and operates the fifth largest telecommunications network in the U.S. and provides services for 4.9 million customers in 426 major markets across 23 states in the country, containing information like names, addresses, cities, states and cell numbers of 130 million Americans.
While among the vulnerabilities recorded by the 360 Butian Platform in 2015, more than 1,400 could cause personal information leakage, which may leak as many as 5.53 billion pieces of information.
In 2016, it collected more than 300 new vulnerabilities that may lead to personal information leakage, which may leak as many as more than 5 billion pieces of personal information.