Large data and network black production

As the internet continues to be deeply involved in people's lives, there is a steady stream of data accumulating in the network. These data like scattered in the internet ecology of the grain of pearl, luring the network black production molecule stare big greedy eyes, waiting for the move ...

Reporter survey found that, based on the existence of the industrial chain, upstream, is the technical content of the highest professional hackers, they dug through the loopholes, writing Trojan intrusion, access to data; Midstream, is the purchase of these data for fraudulent criminal gangs, they applied social engineering theory and knowledge to the user to implement fraud; downstream of the industrial chain , is to support the entire black industry chain of various surrounding organizations, such as money, money laundering, card collection, trafficking in identity cards and other groups.

This near-perfect black industry chain is challenging many web users ' security awareness.

Newspaper reporter Cheng

It was just dawn, and Ge Xiaorong finished the night's mission. He screwed the faucet, flushed a face with cold water, and got up and went to work in the company.

After seating, Ge Xiaorong opens the webpage, this time he was attracted by a news: Recently, Guangdong Police cracked a big hacker credit card fraud case-"Swallow No. 3rd".

To everyone's surprise, Guangxi Hechi Junior High School graduate of the 18-Year-old boy Aye (a pseudonym) through self-study programming to become a "hacker", and to make profit for themselves, led a group of people on the internet to steal a big swipe of other people's bank card, the amount of money involved nearly 1.5 billion yuan.

Rather than the content of the news, Ge Xiaorong is more concerned about the boy's approach to attacking online banking.

Hacker White Hat

Ge Xiaorong through the browse discovery, the Arab-leaf Society network programming slowly into the hacker community, 2012 began to use the network loophole, through technical means to collect bank customer information, selectively attack the well-known recruitment site or other sites containing a large number of customer information, illegal access to millions of of bank card information.

Then, a leaf through the QQ group to publish information, looking for the "channel" and "partner." According to media reports, Aye was arrested, thank the police in his 18 years old before he grabbed him, and said he wanted to be a red guest after prison.

The red guest is relative to the hacker. Hackers are those who specialize in researching and discovering computer and network vulnerabilities. The red Guest is in the network safeguard justice, for own country glory the network technology master.

Just as a coin has two sides, hackers have good and bad points. In the hacker world, the color of the hat is often likened to its good or bad. White hats are those experts who are proficient in security technology but work in the field of anti hacking, while black hats are the ones that use hacker technology to cause damage or even cybercrime.

To be exact, Ge Xiaorong is a white hat for hackers, but he would prefer to be called a red guest. As a main network information security company Urumqi Office of Senior Technical Engineers, Ge Xiaorong daily work content, is through the identification of network Customer system security vulnerabilities, issued a vulnerability warning, so as to remind customers in black hat hackers before the invasion to repair loopholes, to maintain customer network information security advice.

Ge Xiaorong's clients are banks, operators, enterprises and institutions. He is now almost a "night owl" because it is usually after 0 o'clock in the evening.

Ge Xiaorong remembers, once in the lower state, he served six places in a week, and spent all his time on the road to sleep.

In addition to getting the satisfaction of the service audience, many times, Ge Xiaorong and colleagues are faced with a group of people who despise the loophole. Every time a vulnerability is exposed, many users, especially small users, do not attract attention.

"Hackers steal information, will immediately choose to leave, for customers, then start to repaint the site has been conundrum." "In Ge Xiaorong's view, network information security is a three-point technology, seven points by management, namely: Network security 30% rely on computer system Information security equipment and technical support, and 70% rely on user security management awareness of the improvement."

In the era of big data and cloud computing, the "data" is the world. This phrase, is the Internet enterprise for many years of consensus, for the increasingly rampant network black industry chain is also applicable. Last year, China's network of vulnerabilities outbreak: Late March, Ctrip security payment log can be downloaded, resulting in some users of bank card information leakage; November, 1.3 million students of the personal information, in some black production group of public hawking ...

Cloud loophole

In fact, at home, gradually formed a number of vulnerability reporting platform, such as Qihoo 360, Cloud Network has established a mechanism for reporting loopholes, methods are different.

In the dark cloud community, there are 1260 different levels of white hats, and they are searching for loopholes almost every moment. "Piggy man" April 16, 2012 registered as a black cloud net white hat, in order to dig all loopholes, he produced a scanner, compared with the peer search, he has achieved an automatic attack, in the cloud Community rank value (the sum of the presented vulnerability score) high ranked first.

For black hats, the accumulation of a large number of user data booking, insurance, recruitment sites such as Job search is a good "prey." The reporter found that the cloud platform disclosed many similar web site system loopholes.

"The backdoor of these sites may have been opened long before these vulnerabilities were exposed." "Ge Xiaorong said.

Black hats exploit these vulnerabilities to invade valuable sites and steal user databases. This process is known as the drag library in the black industry terminology. Last May 14 early morning, the Millet official forum 8 million users of the account information was dragged library. After the success of the trailer, they will also carry out the washing of the library, the use of technical means to clean the data, to extract valuable user data to cash it.

After the data are dragged and washed, some black hats will try to log on to other websites, called collision libraries. Last December 25, China Railway ticketing network 12306 Web site encountered a collision attack, more than 130,000 users of privacy data on the Internet crazy biography.

Recently, the Netizen "carefree" to 350 yuan price, in QQ Exchange Group low-key recruit hacker technology apprentice. Referring to the pool, he explained that the collision is a hacker with other channels to obtain the user name and password to try to log on to a website, after success, you can get users in a website transaction required ID number and other personal information.

"Carefree" Introduction said, in a website hit the library successfully, hackers will also try to hit other libraries, such as Taobao, Beijing and east, if successful, hackers will be more users of personal payment accounts, consumer records and other data.

With the increasing number of Web sites, the number of social libraries used to defraud the fraud is increasing, and the threat to users is increasing. The main business of the Social Work Library website is to sell the account and password information of others that you have mastered, and sell it openly, as long as it is paid.

Reporters combed through the black industry chain found that upstream of the industrial chain, is the most technical content, the most covert professional hackers, they dug through the loopholes, the implementation of the Trojan horse intrusion, access to data; the middle link of the industrial chain is a huge fraud criminal gang, they usually have a higher EQ, Be proficient in applying social engineering theory and knowledge to implement fraud to users; the downstream of the industrial chain is to support the whole black industrial chain of various surrounding organizations, such as money, money laundering, card collection, trafficking in identity cards and other groups.

Bleaching Black Production

It is undeniable that in the process of data leakage, data custodians have an unshirkable responsibility.

In the opinion of Gujie, head of a local network company, vulnerabilities are a major cause of disclosure, but almost every web site can be vulnerable. Some network security companies are set up to reduce leaks caused by leaks, exposure to leaks before the leak, and notify manufacturers timely repair. In Xinjiang, there are more than 10 network security companies.

According to the Regional Communications administration, in 2014, the Bureau of the current popular 499 Trojan family and 72 zombie program Family Activities conducted a sample monitoring, found in Xinjiang region has 230,000 hosts are Trojan and zombie network control, including government units and large enterprises.

Industry personage Analysis, these enterprise data security consciousness is not strong, database design flaw is also the reason that data can leak. Gujie found that in Xinjiang, the Network information security work departments and enterprises less than half.

Autonomous Region Communications Administration officials said that the rapid development of mobile internet makes mobile phone malicious programs increasingly rampant, privacy theft virus accounted for the proportion is rising. Mobile devices stored in the Address book, short messages, photos, video and other sensitive inside easily stolen. Last year, Xinjiang infected mobile Internet malicious program users accumulated more than 1.7 million, of which the rogue behavior accounted for 21%, privacy theft class accounted for 15%.

Correspondingly, the Internet environmental governance is also increasing. Last year, the Autonomous Region communications authority destroyed more active, control the larger scale of the overseas Trojan and zombie network control end of 518, coordination of important information Systems Unit cleaning Trojan and zombie network of a total of 11,513, effectively reducing the risk of large-scale network security events in Xinjiang.

Over the years, China has also promulgated a number of laws and regulations, including the civil Law on the protection of personal privacy provisions, the 7th Amendment of the Penal Code, the NPC Standing Committee on the Strengthening of Network information protection decisions and relevant departments and regulations. However, Chen, an assistant researcher at the Institute of Law, Xinjiang Academy of Social Sciences, shows that because China does not have a specialized network security regulatory law, the Internet industry self-discipline norms are still messy.

In view of this situation, our country is developing the corresponding management standard, it is proposed that the Network service provider should assume the responsibility after the disclosure of the clear provisions. Our country also plans to increase its criminal liability through legislation in cases where network service providers are not fulfilling their network security management obligations and causing serious consequences.

Relatively optimistic, with the large data and mobile Internet in all walks of life in-depth application, many manufacturers of information security awareness is gradually increased. The white-hat talent market, which discovers and reports leaks, is also emerging, meaning that fewer people are engaged in black production. "Let black people turn into white hats, which may be the direction of the future." "Ge Xiaorong said.

(editor: Mengyishan)