On September 27, 360 (601360.SH, hereinafter referred to as “360”) released another report disclosing details of the US National Security Agency (“NSA”) cyber attacks on Northwestern Polytechnical University and China’s infrastructure. The disclosure of some specific attack activities provides a reference model for countries around the world to effectively detect and prevent national-level cyber attacks.
As cyber warfare becomes the mainstream form of great-power confrontation, cities and critical information infrastructure have become the primary targets of attacks. According to the report, the investigation team recently captured the NSA’s penetration and control of the core data network of China’s infrastructure operators. According to reports, the NSA queried a group of people in China with sensitive identities, then packaged and encrypted the user information and sent it back to headquarters. Using the same combination of tactics and weapons tools, the NSA has taken control of the infrastructure networks of no fewer than 80 countries around the world.
It is reported that 360 pinned down the identity of the attacker through multi-angle analysis of evidence such as attack time, language habits, work paths, and the weapon gene bank. Zhou Hongyi said that comparative analysis against the weapon gene bank is an important means of identifying the attacker. In the past 10 years, 360 has captured 30 billion attack samples and established the world’s largest security big data and sample database. By analyzing attack techniques, code styles, and code modules to find matching samples, accurate analysis and source traceability can be achieved. Zhou Hongyi suggested establishing a national-level gene bank and knowledge base for hacking weapons to defend the sovereignty of digital space.
360 releases the world’s first attack capability quadrant for national-level hacker organizations
It is understood that “seeing” advanced attacks is a worldwide problem and a frontier topic in the security field. Only by “seeing” an attack can it be quickly blocked and rapidly “disposed of” before substantial damage is caused. To date, 360 has independently captured 50 foreign national-level hacker organizations that launched attacks on China, accounting for 98% of the domestic security industry, and maintaining a leading position in the world.
Previously, Zhou Hongyi said in the company’s letter to all employees that 360 approaches security with Internet and digital genes, and holds the best cards in the Chinese and even the global security industry. In the future, it will continue to focus on the core capabilities of “seeing + handling” and explore Chinese solutions in the age of digital security.
This article is reprinted from: https://www.leiphone.com/category/industrynews/Uxb9B4UCM5SZPa42.html