According to a report by a leading domestic security vendor, 1.145 billion people were infected with viruses in China in 2013, and more than 23 million computers were attacked, averaging one attack every 7 days. Most of these attacks reached netizens through downloads of software, movies and game plug-ins.
Corporate security also has to be mentioned: infections through e-mail, online shopping, chat and similar channels increased significantly, and attacks were more regionally concentrated than in the past. Worryingly, regions with a higher level of enterprise informatization received special attention from viruses. Guangdong province ranked first with the highest share, 16.7%, and Henan and Shanghai took second and third place with 6.78% and 6.59% respectively.
In 2014, enterprises face a massive invasion by four viruses
I. The secret lock
In 2013 a type of blackmail virus called "secret lock" appeared on the network and spread among enterprises within a few months. It originated abroad and was initially brought into the country by foreign trade enterprises through e-mail. The virus disguises itself very well as e-mail and spreads when the recipient opens what appears to be a delayed or ordinary message. Once a computer is infected, all of its Office documents, photographs, videos and dozens of other kinds of files are strongly encrypted (with the AES encryption algorithm). The hackers then require users to pay into a designated account within 72 hours to unlock the files; otherwise they will permanently destroy the unlock key, and then permanently destroy the files or disclose them directly. It is the virus that causes enterprises the most serious losses.
II. Zbot
This is a more common and traditional virus. It spreads mainly through messages, disguised as PDF, Word, Excel and other attachments to lure clicks, steals corporate bank accounts and forms botnets. Handling this kind of Trojan, however, has become easy for enterprise information managers.
III. Struts2 vulnerability
This WLAN system vulnerability is considered a highlight of 2013: it was the culprit behind the leak of more than 20 million users' information at a hotel chain. Struts2 has remote command and redirection vulnerabilities, many hotels share the same WLAN account system, and many hotels still have not upgraded their WLAN systems, so the hidden danger of hotels losing information still exists in 2014. For the hotel business this vulnerability is fatal, but it is clear that the hotel industry is not paying enough attention.
IV. CN domain names hit by a targeted DDoS attack
The large-scale paralysis of CN domain names was caused by a distributed denial-of-service (DDoS) attack. Such an attack uses a large number of legitimate requests, here domain name query requests, to consume network resources, causing serious congestion at the Internet egress of the Domain Name System. It is often carried out by forming "broilers" (compromised machines) into a botnet. Most broilers are enterprise or personal computers controlled through a back door. For enterprises, this not only makes them a helping hand in spreading viruses but also directly exposes enterprise information to the attackers; and if the machine is used only as a springboard, corporate computers cannot detect the source of the threat, for enterprise information
Mobile office is unsafe
Another figure can directly hit the nerves of enterprise information executives: in 2013 the number of mobile virus samples grew by more than 800,000, 10 times the growth of the previous two years. Among mobile viruses, the privacy-stealing class accounted for 22.4%, second only to malicious fee deduction at 40.18%, and far ahead of other types of mobile phone viruses.
This is a security wake-up call for CIOs who are actively pushing mobile office. Domestic mobile office systems still cannot break away from the iOS and Android camps, and Android devices are more popular with information executives because of the difference in cost and popularity between iOS devices and Android devices. At the same time, Android is the most attacked platform.
I. Backdoor.AndroidOS.Obad.a
This was the most complex virus on Android devices in 2013. It manipulates user devices through spam messages and intercepts private information including phone numbers, operators, IMEI numbers, call records and local MAC addresses. The threat to corporate mobile office is self-evident.
II. Address book virus
The Android address book is too complex. The Android address book virus disguises itself as an address book, and once information is imported, all of it is sent directly to an address designated by the hacker, so corporate customer information is leaked directly.
III. Imitation camera app
Since the first step in many companies' mobile offices is to start with geography, the camera function is an essential application, and it is also loved by female users. Some viruses therefore disguise themselves as third-party camera apps and spread widely through forums and app stores. Once downloaded, the app comes bound with a malicious program that constantly pushes information and consumes mobile data traffic, leading to huge arrears.
IV. Android vulnerabilities make viruses invisible
The Android version upgrade problem has long been criticized by users. Because of the wide range of device models and complex hardware configurations, Android is unlikely to deliver a unified upgrade to all users the way iOS does, which means many users cannot learn about system vulnerabilities and take defensive measures promptly. Viruses use Android vulnerabilities to sneak into a phone "invisibly"; once infected, users are bundled with malicious ads and their private information is leaked. The virus reads the phone's contact information and the information about installed applications, sends it to an address specified by the hacker, and then pushes false information to the enterprise's customers, who suffer the loss.
V. Verification codes as a high-risk signal
For the security of the mobile office, many mobile office apps ask for confirmation by verification code in a confirmation message, and some viruses aim at exactly this point by directly intercepting the verification code message. Because a generated verification code stays valid for 1 to 2 minutes, hackers use this time window to get access to user information first and intercept it, causing losses for businesses and customers.
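The time-window problem described above, as an added example that is not part of the original article: a server-side check that ties each verification code to the session and action that requested it, makes it single-use and caps wrong submissions, so a code intercepted on the phone cannot be redeemed from another session while it is still valid. The class name, the 90-second lifetime, the failure cap and the sample users and sessions are assumptions.

```python
import hmac
import secrets
import time

CODE_TTL_SECONDS = 90  # assumed lifetime; the article cites 1 to 2 minutes
MAX_FAILURES = 3       # assumed cap on wrong submissions per issued code


class VerificationCodes:
    """Hypothetical server-side store for SMS verification codes."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._pending = {}  # user -> record for the one outstanding code

    def issue(self, user, session_id, action):
        code = f"{secrets.randbelow(10**6):06d}"
        # Remember which session asked and which action the code confirms.
        self._pending[user] = {"code": code, "bound": (session_id, action),
                               "expires": self._clock() + CODE_TTL_SECONDS, "fails": 0}
        return code  # handed to the SMS gateway only

    def verify(self, user, session_id, action, code):
        rec = self._pending.get(user)
        if rec is None:
            return "no-code"
        if self._clock() > rec["expires"]:
            del self._pending[user]
            return "expired"
        same_code = hmac.compare_digest(rec["code"].encode(), code.encode())
        if same_code and rec["bound"] == (session_id, action):
            del self._pending[user]  # single use: a replay finds nothing
            return "ok"
        rec["fails"] += 1
        if rec["fails"] >= MAX_FAILURES:
            del self._pending[user]  # stop guessing inside the window
        return "rejected"


def demo():
    now = [1000.0]  # constructed clock so expiry can be shown offline
    store = VerificationCodes(clock=lambda: now[0])
    code = store.issue("alice", "sess-A", "transfer:500")
    stolen = store.verify("alice", "sess-X", "transfer:500", code)  # intercepted code, other session
    legit = store.verify("alice", "sess-A", "transfer:500", code)
    replay = store.verify("alice", "sess-A", "transfer:500", code)
    late_code = store.issue("alice", "sess-A", "login")
    now[0] += CODE_TTL_SECONDS + 1
    return stolen, legit, replay, store.verify("alice", "sess-A", "login", late_code)
```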
With the demand for mobile office and the ability to implement it, many MDM, EMM and even project-oriented enterprises have moved rapidly into mobility, but some services do not provide security support. CMOs are often blinded by the fast mobile experience; this is when CIOs need to make an accurate assessment in order to give CMOs more technical support.