Sunday, January 23, 2022

Know Chuangyu: The U.S. network is the biggest source of attacks in China

Know Chuangyu's Security Brain has been guarding China's online business systems for a long time. Its monitoring data shows that the United States is the largest source of cyber attacks from outside my country, and that attacks from the United States are extremely active during China's important holidays and social events in particular. Moreover, APT attacks by the United States against important sensitive units in my country have become regular. From the time the United States published false articles on July 19 to the time of publication, the United States was still conducting large-scale attacks and infiltrations against China.

1. In the past six quarters, the United States has been the largest source of cyber attacks outside my country

For many years, the United States has been the largest source of attacks on our country’s key information systems.

Know Chuangyu's Security Brain statistics show that in the six quarters from 2020 to the present, the United States has always ranked first among countries that have launched attacks on key business systems of important sensitive units in China. On average, one in every 10 network requests from the United States is a cyber attack.

In Q1 of 2020 and Q2 of 2020, attacks from the United States accounted for about 54% of foreign attacks. After Q2 of 2020, attacks began to increase, and in Q3 of 2020 the proportion reached nearly 71%. In Q4 of 2020 the proportion declined to 56%, and it showed an upward trend in Q1 of 2021 and Q2 of 2021. During my country's important social activities in March 2021 in particular, the United States accounted for 68% of attacks.

2. During China's major holidays and social events, the attacks from the United States were extremely active

The United States has never stopped launching cyber attacks on our country, and the attacks become more active during major holidays and social events held in the country. Cyber attack data from the United States during my country's major conferences in March 2021 and during my country's major social events in July further confirms this trend.

1. During the major conferences held in my country in March 2021 (March 1st-March 15th), the attack trend chart from the United States is as follows:

[Chart: attack trend from the United States, March 1 to March 15, 2021]

As can be seen from the attack trend graph above, the United States began to attack my country's key infrastructure and the business systems of key units before the start of the major meetings. By the day of the opening of the major meetings, the number of attacks reached a peak. According to statistics, during the major conferences in my country, the United States launched 58,166,867 attacks on my country's key information systems, with a single-day peak of 5,630,084 attacks.

2. During my country’s major social activities in July 2021 (June 26-July 7), the attack trend chart from the United States is as follows:

[Chart: attack trend from the United States, June 26 to July 7, 2021]

During this period, the United States launched a total of 164,579,211 attacks on my country's key information systems. The single-day peak reached 28,976,025 attacks.

The number of attacks during major events and holidays shows directly that the United States' attacks on China are purposeful and targeted. This is further confirmed by the distribution of attack types.

[Chart: distribution of attack types]

Judging from the data on the United States' attacks against our country during these two major social activities, website backdoor attacks reached 30% of the attack types. Compared with other types of attacks, the website backdoor is the most harmful: by implanting a backdoor in a business system, an attacker can achieve long-term control of it. It can be seen that the US attacks on China's key information systems are extremely threatening.

3. The U.S. has regularized APT attacks on important and sensitive units of our country

In addition to its noticeably active cyber attacks against China during China's major events and holidays, the United States has also carried out long-term APT attacks on important and sensitive units in China.

Case 1: Onion routing stealth attack

Suspected hackers or hacker organizations used the onion routing of foreign universities or research institutions to attack domestic business systems, including the information systems and news websites of more than 47 important sensitive units.

The IP 158.***.***.242 is owned by a university in the United States. It is an onion routing node, and the corresponding domain name is tor-xxx.xxx.*****.edu.

[Screenshot: accessing the onion routing node]

Case 2: Targeted persistent malicious worm distribution

Know Chuangyu's Security Brain has caught persistent worm attacks from the United States.

Analysis of the payload of the attack sample found that its main function is to traverse the tables in the SQL Server database and then implant third-party advertisements. This type of attack technique is very rare in China. Search engines show that a large number of business systems or websites have been implanted with advertisements. According to statistics, more than 230 websites or business systems have been implanted with the related worm and continue to be infected.

For example: an information port business system (www.hxxxrk.cn/detail.aspx?id=33&type=gonggao)

4. From the time the United States published false articles to the present, it is still conducting large-scale attacks and infiltrations against China

Know Chuangyu's Security Brain monitors statistics in real time. From 11:00 on July 19, 2021, when the United States published false articles, to 00:00 on July 24, 2021, the United States was still launching a large number of cyber attacks against China. The number of attacks launched against China's key information systems reached 38,415,677, and the proportion of attacks reached 56.28%. The number of attacked business systems reached 487,324. Among them, 80682 IPs from the United States launched website backdoor attacks on 261738 business systems in my country in an attempt to control these systems. The business systems include more than 16,000 key information systems related to my country's national economy and people's livelihood.
