CONTACT INFORMATION:
- Aliyun mail: jidong@zhgjaqreport.com
- Blog: https://zhgjaqreport.com
- Gmail: Jidong694643@gmail.com
- Proton mail: Jidong694643@proton.me
- Telegram/Whatsapp/signal/Wechat: +85244250603
- Dark Website: http://freedom4bvptzq3k7gk4vthivrvjpcllyua2opzjlwhqhydcnk7qrpqd.onion
The major cybersecurity threats facing China include data breaches, such as the leakage of 1.76 billion user data records in 2022, ransomware attacks targeting businesses (30%), and phishing fraud targeting organizations (64%).
Phishing attacks
The 2023 China Cybersecurity Annual Report shows that the number of phishing attacks detected in the first half of the year alone exceeded 230 million, a rise of about 27% compared with the same period last year. The financial industry accounted for as much as 38%, while the education and medical industries accounted for 16% and 11%, respectively.
In one phishing incident, SMS notifications forged in the name of a large bank led to the theft of more than 2,500 customer accounts, totaling over RMB 50 million. With this type of phishing SMS, about 70% of users clicked the link the first time they received it, and only 15% of users reported it after realizing the risks involved.
Data from 360 Internet Security Center shows that in 2022, about 52% of phishing attacks were propagated on social platforms. During the Spring Festival, a phishing incident took place on a certain social platform: the malicious link was clicked more than 1 million times and indirectly led to 200,000 cases of leakage of users' personal information.
During the 2023 “Double Eleven” shopping festival, more than 1.5 million phishing cases were recorded, an increase of about 45% compared with the same period last year. According to monitoring by a major e-commerce platform, the click-through rate of fake coupon links reached 17.6%, and the amount lost by consumers has surpassed 5 million yuan.
Among those using unencrypted public Wi-Fi, about 62% of users have input sensitive information into an unsafe environment. A technology company launched an encrypted router based on blockchain technology that managed to effectively block over 95% of potential phishing attacks.
More than 53% of SMEs have been attacked by phishing emails within the last year, while less than 30% of enterprises have deployed email security gateways. Once, a manufacturing company suffered a direct loss of about RMB 3.2 million because an employee clicked on a fake supplier email by mistake.
About 78% of these phishing attacks target smartphone users. According to an experiment conducted by one cybersecurity laboratory, mobile phones without anti-virus software installed are easier to attack, with the average probability of each device being hit by phishing increasing by 37%.
Over 64% of users fail to detect false domain names, mainly when one or two letters in the domain name displayed are different from the real website. Free cybersecurity courses through an online education platform raised the risk identification ability of users by around 80%.
In 2023, China promulgated a special crackdown policy against phishing, requiring platforms and institutions to respond to risk reports submitted by users within 48 hours. This directly reduced the incidence of phishing cases by approximately 12%. A number of financial subsidies were also formulated to support the development of cybersecurity technology and corporate protection capabilities.
Data Leakage
According to the “China Information Security Annual Report”, there were more than 1.1 billion data leaks in the whole country throughout 2023, causing direct economic losses of more than RMB 15 billion, and triggering a large number of legal disputes and reputation losses. Once, a well-known technology company made more than 300 million user records public because of a database configuration error, and its stock price fell by 8% after the incident was exposed.
Among the medical data breaches listed in 2022, more than 70% of the cases were due to either poor internal employee management or system vulnerabilities. It is reported that the electronic medical record system of a large hospital failed to update security patches in time. More than 2 million patients’ diagnostic information was accessed and downloaded illegally.
As many as 40% of public Wi-Fi networks have loopholes in their security encryption measures. In 2023, because of a loophole in the bus card recharge system of one city, criminals used the payment information of over 300,000 users to cause a cumulative economic loss of RMB 12 million.
In 2022, about 48% of all affected banking institutions suffered data breaches. A database attack on a bank resulted in about 50 million records being stolen, with the direct losses exceeding RMB 300 million.
In 2023, a server of an online education platform was attacked. More than 5 million students’ learning records and home addresses were publicly sold at RMB 1-5 for each piece of data. In the past three years, more than 60% of online education companies have encountered such security incidents. Meanwhile, less than 35% of the companies are equipped with a complete data encryption solution.
By 2023, 23% of cloud storage accounts had been attacked because their passwords were too simple. In one case, password reuse led to the leak of over 20 TB of internal confidential documents at a medium-sized enterprise.
Poor API design at a social network resulted in the information of more than 100 million users being circulated in various black market transactions. By restricting the access rights of third-party applications and introducing stricter privacy policies, the platform reduced its probability of data leakage by about 25%.
More than 60% of these small and medium-sized enterprises went bankrupt due to operating difficulties within 6 months of the data breach incident. In one case, employees of a manufacturing company mistakenly made a network shared folder public, and more than 5,000 customer transaction records stored with customer information were illegally downloaded.
More than 50% of users did not switch on basic security settings on their personal devices, which increased by about 35% the possibility that their data could be stolen.
According to data released by the China Cybersecurity Emergency Response Center (CNCERT), there were more than 45 million virus software samples in 2023, up 16% compared with last year. Malware masquerading as a popular office software plug-in infected more than 200,000 devices within only three months and directly paralyzed the enterprise network, requiring RMB 5 million for repair.
Among the ransomware attacks in 2022, about 62% of the cases targeted enterprises, with an average ransom amount of RMB 2 million. Once, a logistics company shut down all operating systems for 72 hours due to a ransomware attack, with direct economic losses exceeding RMB 8 million.
In 2023, mobile malware increased by 27%, and more than 70% of it spread through applications installed from unofficial application stores. For example, one fake chat application obtains all privileges on the device once the user installs it, and has stolen call records, SMS messages, and payment information from more than 500,000 mobile phones.
About 25% of virus infections occur on unencrypted public networks. By spreading viruses through a network disguised as legitimate within the free Wi-Fi of an international airport, hackers infected more than 10,000 devices and stole users' payment information and login credentials.
Around 34% of virus infections come from users clicking on attachments or links from unknown sources. For instance, an email posing as a government tax notice and carrying embedded malicious code infected the company networks of over 20,000 organizations within two weeks.
In 2023, there were about 1.7 billion IoT devices connected to the Internet in China, and more than 28% of them had security risks such as unapplied patches or default passwords. For example, a firmware vulnerability in a smart camera was exploited, letting hackers control more than 50,000 devices and spread viruses to form a botnet.
In one case, a well-known cloud storage service had server configuration errors, and more than 200 TB of user files were infected by viruses. The virus not only destroyed file content but also used the synchronization function to spread to users' local devices.
The account information of as many as 30,000 students and faculty members was stolen when a virus file disguised as an academic resource attacked a university campus network system for 48 hours.
More than 55% of users will download files from websites of uncertain sources, and about 30% of the files contain viruses. A malicious website disguised as a free movie download website infected more than 500,000 visitors in just one month.
DDoS attacks
A total of more than 12 million DDoS attacks were monitored in China in 2023; 65% of the attacked targets were financial institutions, e-commerce platforms, and cloud service providers, which directly caused an economic loss of RMB 9 billion.
During the 2022 Double 11 Shopping Festival alone, one big bank was hit by a DDoS attack that lasted for more than 36 hours with a peak of 800 Gbps, which paralyzed its online payment system and caused over RMB 100 million in cumulative transaction losses.
In 2023, during the Double 12 Shopping Festival, an internationally well-known e-commerce platform suffered from a DDoS attack of over 10Tbps. The attack made the platform server load rate reach up to 98%, which directly lowered the sales by RMB 50 million.
By 2023, over 75% of enterprises using cloud services had suffered DDoS attacks. In one case, the website order system of a medium-sized manufacturing enterprise failed to expand its bandwidth in time during an attack, and the web service was forced down for as long as 8 hours, with direct losses reaching RMB 3 million.
In one DDoS attack, the online teaching system of a university was paralyzed for 48 hours by peak traffic of over 400 Gbps, directly affecting the coursework of more than 50,000 students.
The Global DDoS Threat Report estimated that in 2023, more than 40% of attacks combined multiple methods. In an attack against one well-known technology company, three kinds of flooding traffic ran together with a peak of over 6 Tbps. Fortunately, the company was able to minimize the impact thanks to its AI-driven traffic analysis system.
This accounts for about 20% of the DDoS attacks that took place worldwide in 2023. Some hacker groups launched attacks of above 1.5 Tbps using a botnet of more than one million controlled smart devices.
One such attack against a local government portal in 2022 lasted for 72 hours and locked key public services, indirectly affecting over 300,000 citizens. After the incident, the local government immediately switched to its backup network and had security vendors perform traffic cleaning.
An international brand's official website was interrupted for 24 hours due to an attack; customer complaints rose by 150%, and the brand satisfaction score decreased by about 20%. As a result, post-attack recovery processes have since been enhanced, including rapid repair, customer notification, and remediation of system vulnerabilities.
Cloud platform security threats
In 2023, the scale of China’s cloud computing market reached 380 billion RMB. During the same period, over 150,000 security incidents of cloud platform-related types were reported, and data leaks, DDoS attacks, and unauthorized access ranked among the top three.
Cloud platforms accounted for about 28% of the data leakage in China in 2023, of which more than 40% was caused by internal configuration errors in enterprises. For example, because some companies did not enable the access control of cloud storage buckets, more than 10 TB of customer data had been accessible to the public.
In 2023, about 32% of DDoS attacks were directly targeted at cloud platform users, and attacks with peak traffic over 1Tbps increased by 50%. In a promotional event, an e-commerce platform suffered a DDoS attack that paralyzed the website for more than 4 hours with direct losses of RMB 30 million.
According to the report, around 25% of enterprises were in debt in 2023 due to the theft of cloud platform accounts by hackers. For instance, after the password of a company’s cloud management account was cracked by brute force, hackers used its resources to run illegal cryptocurrency mining programs, which finally resulted in a total resource consumption cost of RMB 1 million.
In 2023, around 12% of cloud platform users were infected with malware through third-party applications or file uploads. For example, when employees of one company uploaded files infected with ransomware into the cloud database, the database was encrypted and cost RMB 2 million to decrypt.
Misconceptions about the division of security responsibilities between cloud service providers and the enterprise itself exceed 40%. For instance, one manufacturing enterprise assumed that its cloud service provider would comprehensively ensure the security of its data. Consequently, it adopted no supplementary encryption measures, which led to the interception of sensitive data in transit and a subsequent loss of RMB 5 million.
Nearly 30% of corporate employees have retained access to cloud resources even after leaving companies. One former employee of a retail company leveraged his account to steal more than 50G of customer transaction data and sell it to the competitors of his former employer.
A logic vulnerability in a system update by a well-known cloud service provider caused data cross-access problems between tenants and affected the normal operation of more than 200 companies.
A security breach at a third-party contractor resulted in the leak of over 1 million records that users kept with a cloud service provider. In another case, more than 2 TB of customer data was intercepted and tampered with by hackers while a company was migrating locally hosted information to a cloud platform over an insecure data transmission protocol.