Electric dealer is a new means of hacker's enrichment

Named Zhongdao (alias), 25 years old, living near Xinzhuang in Beijing, maybe you are in the trade with him, your E-commerce site registered mobile phone number, mailbox and other personal information in his hand can be directly converted into banknotes, he is the electricity business enterprise user data leakage behind the Black hand, he is the electric business enterprise anger one of the culprits , he is the so-called "two-way" in the network hacker industry chain.

in recent years, e-commerce enterprise is already the industry public thought of "Suck King", in the eye and attention, a group called "Network Hacker" "New organization" also stared, not regularly "harassment" for "protection fee", each request amount hundred yuan, or even thousands of yuan.

Subject to the background of the electric business environment, some electric business enterprises from last year's big ruthless hit hard wide (the media published pure advertising), turned to search engine bidding rankings promotion, but did not think this move unexpectedly provoked the hacker's attention.

E-business hackers attack new targets

Long-time Health mall product operations director Lindamu to Phoenix Technology revealed that 2012 and 2011 electric business environment has changed a lot, so the end of the 2011 company to reduce the hard wide launch, increased the search engine bidding, such as Baidu, Sogou, and so on, its amount is equivalent to the hard wide amount of 2011, It was because of this that the hackers were recruited.

This is the industrial chain of "shady", he said with some helplessness, these are all said, it means marching, but we are really unbearable, at the same war.

He revealed that website since last September until the end of 2011, a total of attacks three times, each attack time from one week to more than 10 days, the last attack lasted 7 days, directly caused the computer room paralysis three days, the website can not visit, the direct economic loss of 500,000 yuan, the company decided overnight change room. It is worth mentioning that the other (network hackers) out of the condition is only to ask for 1000 protection fee.

Talking about the attack, Lin Mu said that each attack, DDoS traffic is very large, the company's bandwidth is completely unbearable, can only rent network technology attack CDN Services, only this one cost more than a hundred thousand of per month expenditure.

"Rent a high room after all, is not our small and medium-sized electric power can be a long-term burden, we have been considering a better way to solve, such as reporting, seek legal means; entrust the middleman to contact each other, but none of them work, the other party is eating, we have no way to deal with them. "he said.

90% most of the electric business enterprises choose to spend money to protect peace

Industry insiders believe that, in accordance with the past practice, with a certain scale and visibility of the enterprise is "cyber hacker" focus, one is that these enterprises have abundant funds, two "protection fee" amount is not high, they are more willing to spend money, so some small and medium-sized electric business enterprises are not too great danger.

However, now these hackers have tasted the sweetness, the tentacles of the cloth is increasing, some small electric dealers have not been spared, and a long time Health mall is one of them.

A senior electrical trader from the hacker trading channels learned that some of the electric business enterprises were attacked, due to the electronic business enterprise data confidentiality, some specific data is not marked.

It is understood that the forest is located in the long Health mall does not belong to large electric dealers, is an online holding group under the exclusive import of health care products E-commerce website, since its establishment in 09, has developed to 60 employees of the scale.

When asked why the one or two-line brand is still under attack, he revealed that because its website is to do import health care products, the price of a single product than the domestic health care products prices two or three times times higher, the average single goods are more than 600 yuan, and the site of the existing number of registered users about 100,000, the actual number of users to buy also considerable, Because its users are more likely to purchase than other users of the site, this may be the reason "hackers" stare.

"Don't underestimate these tens of thousands of users, are very valuable and most purchasing power users, and these users of personal data is our competitors most value."

According to group buying industry, the middle level revealed that in such cases, Jingdong, when, where guests, Alipay, including a number of group buying enterprises are also encountered in varying degrees, resulting in loss and data leakage also caused by high-level concern, but for some reason, they did not take legal means or actively seek solutions, Instead, keep silent or actively skim.

"Hackers" arrogant threatened to take money to avoid disaster

According to the Phoenix Technology Line survey, from Shanghai Yangpu District, Ms. Yang, Beijing's million, Shanghai Nanhui, Ms. Guo all said their Jingdong account was stolen, and account inside the Jingdong voucher and some cash disappeared.

The picture is: Lin da Wood provides his chat record with the hacker, the net is called "The Little Handsome Man" is the hacker

Lin Big Wood announced that he and a "hacker" chat records and Baidu bidding on the page of the order message screenshot: The figure impressively indicated that a hacker said that the electricity business site said not to take money to attack its server

Image: Baidu bidding on the page of the order message screenshot.

The picture is: "Network hacker" gathers QQ group, a considerable part of user data trade is through Q Group transaction completes

According to the intermediary familiar with such transactions, he experienced the electronic business user data transactions involved in the electric business almost covers the majority of well-known domestic electric enterprises, of which the first line, second-tier electric business enterprises, trading data show that about 90% enterprises have been hit by hackers, their user data are exposed to varying degrees.

The secret that the electric business enterprise does not want to disclose

An electric trader has disclosed to Phoenix technology that for financial purposes, internet companies are hacked and usually will not be published, whether they are victims or attackers, because once the event is made public, the facts of the company's internal user data will surface.

He stressed that some electric business companies because of the impact of investors or Wall Street capital markets, so they will not easily let their real user data situation is open, because the real user and user purchases often with their previous published data to show a certain gap.

Especially for the survival in the sensitive period and the cusp of the well-known electric business enterprises, this is not wise, "for the attack, we all tacit, spend a little money, so poorer disaster is not surprising." "he said.

Internet commentator Zhao Occupy said, if the electric business enterprise admits to be hacked, then its information security guarantee level is easy to be questioned by the consumer, even causes the panic, causes the user to lose.

Zhao Occupation said that some consumers because of hacker attacks lost user information, the most important effect is that the account funds stolen, in general, consumers are difficult to protect, there is no way to prove the balance of funds of the account number, it is not good to prove that the account funds stolen from the site's information security measures are not enough. If the dealer's website admits to be hacked, it is more advantageous for the impaired consumer to defend the rights.

Lawyer: Civil liability may be investigated

To this phenomenon, Phoenix Science and technology consulting Zhejiang billion-dimensional law firm Wu lawyer, Wu lawyer said, in view of the criminal responsibility requirements of the threshold is too high, such circumstances can consider administrative responsibility or civil liability for rights; In this issue, we can consider requiring the perpetrator to assume the administrative punishment law of Public Security management, In accordance with the disruption of enterprise production or illegal occupation of public and private property qualitative.

The starting point of criminal cases is higher, civil case to protect legitimate rights and interests must bear the burden of proof of actual loss of money, that is, to have actual pecuniary loss, otherwise it is difficult to define, so it is proposed to save relevant evidence to the public security organs to report.

He stressed that criminal cases are more difficult to file, civil case to have a de facto loss of interest, that is, to have the actual money to pay, otherwise it is difficult to define, so proposed to take the administrative angle.