China Data Valley (中国数谷)

Network security situation report: high risk of personal information and data leakage

The reporter learned from the official website of the National Internet Emergency Response Center that the report on China's Internet network security situation for the first half of 2019 has been released. It shows that the operation of China's basic network was generally stable in the first half of 2019, with no large-scale network security incidents. However, China's cyberspace still faces many risks and challenges, including data leakage incidents and risks, organized distributed denial-of-service (DDoS) attacks that interfered with the normal operation of important Chinese websites, frequent spear-phishing email attacks, and the disclosure of multiple high-risk vulnerabilities.

The National Computer Network Emergency Response Technical Team (hereinafter referred to as CNCERT) conducts macro-level monitoring of China's Internet security environment, covering malicious programs, vulnerabilities, mobile Internet security, website security, cloud platform security, industrial control system security, Internet finance security and other areas.

The report shows that in the first half of 2019, CNCERT acquired more than 1.03 million mobile Internet malicious programs through independent capture and exchange with vendors, a year-on-year decrease of 27.2%. Classified by malicious behavior, the top three categories were fee consumption, rogue behavior and malicious fee deduction, accounting for 35.7%, 27.1% and 15.7% respectively.

In addition, in the first half of 2019 about 15,000 mobile Internet-based fake loan apps or websites were found in China, to which more than 900,000 users submitted personal information such as names, ID photos, proof of personal assets, bank account numbers and addresses. Many victims paid tens of thousands of yuan to the fraud platforms as so-called "guarantee fees" and "service fees", suffering substantial financial losses.

The number of IP addresses of control servers for malicious programs targeting networked smart devices was about 19,000, up 11.2% year-on-year. About 2.42 million IP addresses of networked smart devices were under attacker control, of which nearly 900,000 (37.1%) were located in China, down 12.9% year-on-year. DDoS attacks launched from controlled networked smart devices numbered about 2,118 per day.

According to the statistics, there are more than 200 app stores in mainland China, with nearly 5 million apps listed and more than one trillion cumulative downloads, and the sector is developing rapidly. At the same time, there are many cases of apps forcing users to grant authorization, requesting excessive permissions and collecting personal information beyond the scope their functions require; the illegal use of personal information is very prominent, and netizens have reacted strongly to it.

CNCERT monitoring and analysis found that among more than one thousand widely downloaded mobile apps, each app requested 25 permissions on average, and more than 30% requested the permission to make phone calls even though it was unrelated to their business. Each app collected an average of 20 items of personal and device information, across categories including social networking, travel, recruitment, office, video and audio. A large number of apps exhibited abnormal behaviors such as probing for other installed apps or reading and writing files on the user's device, posing a potential threat to the security of users' personal information.
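The permission figures above come from static inspection of what each app declares. The following is an added example (not CNCERT's tooling or any regulator's published method) of the simplest form of that check: parse an Android manifest, count the permissions requested, and flag dangerous ones that fall outside a per-category "necessary permissions" baseline, the call permission when it is unrelated to the app's business, and the permission that lets an app enumerate other installed apps. The baseline sets, the category names and the sample manifest are constructed assumptions for illustration, not the content of any regulation.

```python
"""Audit the permissions an Android app declares against the minimal set its
business function needs.  Added example; the NECESSARY baselines and the
sample manifest are illustrative assumptions, not any official specification."""
import xml.etree.ElementTree as ET
from typing import Dict, List

ANDROID_NS = "http://schemas.android.com/apk/res/android"
NAME_ATTR = "{%s}name" % ANDROID_NS  # ElementTree keys namespaced attributes this way

# Subset of permissions the Android platform classes as "dangerous"
# (runtime-granted, touching user data or device sensors).
DANGEROUS = {
    "android.permission.READ_CONTACTS", "android.permission.READ_CALL_LOG",
    "android.permission.CALL_PHONE", "android.permission.READ_PHONE_STATE",
    "android.permission.ACCESS_FINE_LOCATION", "android.permission.CAMERA",
    "android.permission.RECORD_AUDIO", "android.permission.READ_SMS",
    "android.permission.READ_EXTERNAL_STORAGE",
    "android.permission.WRITE_EXTERNAL_STORAGE",
}

# Assumed per-category baseline of permissions a basic business function needs.
# Hypothetical values chosen for this example only.
NECESSARY: Dict[str, set] = {
    "video": {"android.permission.INTERNET"},
    "travel": {"android.permission.INTERNET",
               "android.permission.ACCESS_FINE_LOCATION"},
}

# Declaring this lets an app list every other installed package (Android 11+).
PROBE_PERMS = {"android.permission.QUERY_ALL_PACKAGES"}


def requested_permissions(manifest_xml: str) -> List[str]:
    """Return the android:name of every <uses-permission> under <manifest>."""
    root = ET.fromstring(manifest_xml)
    return [e.get(NAME_ATTR) for e in root.findall("uses-permission")]


def audit_manifest(manifest_xml: str, category: str) -> dict:
    """Compare the declared permissions with the baseline for `category`."""
    requested = requested_permissions(manifest_xml)
    beyond = [p for p in requested if p not in NECESSARY[category]]
    return {
        "requested_count": len(requested),
        "dangerous_beyond_baseline": sorted(p for p in beyond if p in DANGEROUS),
        "unrelated_call_permission": "android.permission.CALL_PHONE" in beyond,
        "probes_other_apps": any(p in PROBE_PERMS for p in requested),
    }


# Constructed sample manifest for a hypothetical video app.
SAMPLE_MANIFEST = """<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.video">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.CALL_PHONE"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
  <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/>
  <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
  <application android:label="demo"/>
</manifest>"""

if __name__ == "__main__":
    for key, value in audit_manifest(SAMPLE_MANIFEST, "video").items():
        print(key, value)
```

On the sample manifest the audit reports six declared permissions, four dangerous ones beyond the video baseline, an unrelated call permission and package probing. A manifest audit only covers what is declared, so in practice it is paired with runtime monitoring of what the app actually reads and sends, which is how behaviors such as writing device files are observed.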

In order to protect the security of personal information and the legitimate rights and interests of Internet users, the Cyberspace Administration of China, the Ministry of Industry and Information Technology, the Ministry of Public Security and the State Administration for Market Regulation decided to launch a nationwide special campaign in 2019 against the illegal and improper collection and use of personal information by apps, together with a special evaluation of mobile apps. Since the campaign was launched, several results have been published, including the Circular on One Hundred Commonly Used Apps Forcibly Opening Access Conditions, the Network Security Practice Guidelines – Specification of Necessary Information for the Basic Business Functions of Mobile Internet Applications, and the Method for Identifying Apps' Illegal Collection and Use of Personal Information, effectively guiding app operators to strengthen personal information protection and standardize market order.

Translated by Wang Yingmei

Proofread by Wang Shuai