At present the website leaks the question as well as the enterprise network security situation is extremely worrying

Source: Internet
Author: User
Keywords Password netizens three major manufacturers
Tags .mall .net corporate network enterprise enterprise network example hacked hacker

Absrtact: Experts remind, the present website leaks the problem as well as the enterprise network security situation is very worrying, for example domestic many small and medium-sized enterprise even does not have the person responsible for the network security, but takes the trusteeship way to treats the enterprise network security question, causes the hacker

Experts warned that the current Web site leaks and corporate network security is very worrying, such as domestic many small and medium-sized enterprises and even no person responsible for network security, but to adopt a managed approach to corporate network security issues, resulting in rampant hackers

After the CSDN, Tianya and other websites tens of millions of user information has leaked, "securities daily" in this interview with Qihoo 360, Jinshan network, rising and other domestic three network security manufacturers, three of enterprises security experts on this matter and put forward a precautionary proposal, called on users to modify the relevant password as soon as possible, the more complex the better.

Qihoo 360 First Technical officer Shi Xiaohong:

CSDN, Tianya and other websites leaks The problem is not an exception. Over the past few years there have been rumors that many well-known websites have been hacked to steal databases, but the database has never been publicly disseminated. With the recent tens of millions of accounts and passwords were published online by hackers, thus triggering the attention of ordinary netizens.

We reiterate that for every netizen, whether or not their account is in these hacked public library, it is necessary to regularly update the key account password.

With the popularization of 360 and other free security software, Internet users face the threat of Trojan virus has been eased, 2011 has not been infected with millions of popular Trojans. However, the network service provider encounters the harm which the hacker attacks is gradually appearing. Because some netizens are accustomed to using the same registered mailbox and password, once a website user database is hacked, it will endanger all the security of the account, the computer is not a Trojan may also be stolen number.

For Qihoo 360 itself, on the one hand, 360 constantly strengthen the Web site and server security protection, to do their utmost to prevent hacker attacks; On the other hand, 360 of the user database for high intensity encryption protection, making it difficult for hackers to obtain user passwords through the database, the user risk control to the lowest.

Jinshan Chief security expert Tiejun (Weibo):

CSDN, Tianya and so on a number of Web site leaks This thing has long appeared, but this time was hackers exposed. I've only heard about it until this time.

For some people think Jinshan network employees suspected of helping to expand the impact of the accident. The fact is, Jinshan network staff when learned that CSDN data leakage, the first reaction must be downloaded data to confirm. And the staff used the Thunder net neighbour to download, the Thunder net neighbour has a function is downloading any one file, will default recommendation to share to the net neighbour, therefore, this download also was seen by others, inadvertently magnified the influence.

Security products may be of no avail to the average user, as this attack occurs on the server side. Loopholes always exist, if LAX management, the invasion will inevitably occur. The user must change the password, at least for now, this is the only thing that can be done. Recommendations are as follows: 1. Users have to divide their daily use of the network services into two categories, important and general; 2. Use at least 2 mailboxes to bind or request a network service, and ensure that the mailbox password is not reused; 3. Important services with important mailboxes to apply, General Service with a secondary mailbox to apply, the two are never mixed; 4. Key services use passwords that are not the same as mailboxes and use key service passwords as often as possible.

If not afraid of trouble, at least in theory, a website a password is the safest.

Rising safety expert Tangwei:

At present the website leaks the problem as well as the enterprise network security situation is very worrying, for example domestic many small and medium-sized enterprise even does not have the person to be responsible for the network security, but takes the trusteeship way to treats the enterprise network security question, therefore the hacker is rampant. In addition, hackers attack the threshold of the site is low, the cost of catching hackers is quite high, whether it is technical, or personnel. From the technical level analysis, the real hacker often through many jumps, the high anonymous proxy, the chicken, the employment and so on the website implementation attack. Many viruses are invaded through system vulnerabilities, and last year the popular "net Silver Super Trojan" virus is very famous, is using Third-party payment platform vulnerabilities to attack.

Hackers tend to sell the information directly to the user, or to dig deeper. Some users use duplicate account passwords on multiple sites, and hackers get more information by guessing passwords. Then there is the use of the information obtained by the hackers in the legal aspects of extortion users.

At present, the fight against hacker crime has multiple difficulties, the user is best to avoid the risk by changing the password frequently. Try not to use duplicate passwords, you should develop the habit of regularly changing passwords, and password settings to be more than 8 digits, and preferably with the number + letter (case) + symbol combination. In addition, the operating system to set a complex password, the installation of fully functional security software, the use of genuine software and regularly update software vulnerabilities to the system to play patches, the key is to develop a good habit.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.