What are the common network security threats?

Recently, domestic security manufacturer Kingsoft Corporation released the "2005 Network Security Report". The report shows that network threats in 2005 were diversified. In addition to traditional viruses and spam, spies were more harmful. Software, adware, phishing, etc. have joined the ranks of Internet security destroyers and become accomplices that threaten computer security. Spyware, in particular, is more harmful than traditional viruses and has become the biggest threat to Internet security. At the same time, relevant anti-virus experts predict that in 2006, the development momentum of "spyware" harm to network security will become more intense.

●"Trojan" viruses bear the brunt

According to statistics from the Kingsoft Anti-Virus Monitoring Center, from January to October 2005, 50,179 viruses were intercepted or monitored by hackers, including Trojans, worms, and hacker viruses account for 91% of them. In particular, there are more than 2,000 types of Trojan viruses (such as online banking, QQ, and online games) that steal users' valuable accounts. If you include variants, there are more than 10,000 types. On average, 30 viruses appear every day. Based on the virus situation in 2005, it has the following characteristics:

●Computer virus infection rate dropped for the first time

In 2005, my country's computer virus infection rate was 80%, down from 85.57% last year 5.57 percentage points. This is the first time since 2001 that the computer virus epidemic in my country has shown a downward trend. The spyware infection rate during the same period was much higher than last year, soaring from 30% in 2004 to 90% in 2005. Among users infected with viruses in 2001, 56.65% had been infected more than three times, while this dropped to 54.7% in 2005. In 2005, the damage caused by viruses was mainly network paralysis, accounting for nearly 20%, while in 2003 and 2004, the damage caused by viruses was concentrated on system crashes, which shows that network problems caused by worms are becoming more and more serious. The proportion of losses caused by computer viruses was 43% in 2001 and 51.27% this year, which shows that the harm caused by computer viruses is intensifying.

●90% of users are attacked by "spyware"

According to reports, in 2005, spyware has broken into our online life on a large scale. According to relevant data released by the "2005 National Information Network Security Status and Computer Virus Epidemic Investigation Activities" released by the Ministry of Public Security, nearly 90% of users in China were attacked by spyware in 2005, an increase from 30% in 2004. 60%. Even the famous Bill Gates was helpless in the face of spyware. He exclaimed: "My computer has never been invaded by viruses, but it has been harassed by spyware and adware."

Although as time goes by, With the intensification of crackdowns, spyware has undergone more obvious changes in 2005. Previously, most of it was promoted by rogues, such as downloading plug-ins, popping ads, and codes through websites. It can be effectively intercepted with some IE auxiliary tools, but the most annoying manifestation this time is that spyware directly pops up advertisements, which IE auxiliary tools cannot intercept at all. Spyware needs to be completely removed to reduce ads. Although many anti-virus software manufacturers have made great efforts to remove spyware, because there is no complete security tool for spyware, the complete removal of spyware is far from meeting the needs of users.

●"Spyware" has become the biggest security threat on the Internet

Spyware showed the characteristics of diversified communication methods in 2005. Spyware manufacturers seek to maximize profits , attracting more people to become targets of surveillance and adopting increasingly complex communication methods. According to surveys, in terms of the way spyware spreads, the forms of "spyware" that users are most disgusted with mainly include: spyware that pops up ads, software that installs without warning, controls, programs that are not easy to uninstall, and programs that easily cause system instability. , a Trojan horse program that steals online banking and online game accounts.

The harm of spyware is not only the harassment of colorful advertisements, but also a more serious threat hidden behind it: spyware can be used by hackers to record any activity of the user on the computer, including which keys are typed. Keyboards, passwords, sent and received emails, web chats, photos, and more.

In 2005, Mastercard International announced that the computer network of a credit card data processing center in Tucson, Arizona, had been hacked and 40 million credit card account numbers and expiration dates were stolen. The thieves used the same method at this credit card company. Spyware was implanted in the data center's computer systems.

●China’s “phishing” ranks second in the world

Phishing, as a cyber bug, has quickly become a major attack method that threatens Internet security since its emergence in 2004. In 2005, phishing has changed from Vxers (virus enthusiasts) obsessed with technology to professionals tempted by profits. They constantly explore loopholes in the system and errors in rules, taking advantage of virus behavior and people's curiosity to engage in "fishing" and fraud everywhere.

In 2004 and before, phishing was mostly delivered to users' mailboxes by email, but this method alone can no longer satisfy profit-minded creators. Therefore, the communication methods of phishing in 2005 changed from a single active push method to a "wait and wait" method to more diversified communication methods. These methods include: fake online banking and online securities websites; using fake e-commerce to commit fraud; using Trojans and hacking techniques to steal user information, etc. In fact, in 2005, "phishers" often used the above methods to interweave and cooperate in the criminal activities of online fraud, and some used mobile phone text messages, QQ and MSN conduct various "phishing" illegal activities.

Taking May this year as an example, "phishing" cases surged 226% from the previous month, setting a record high in history. In the following months, phishing attack methods continued to increase at an average rate of 73% per month. According to statistics from the National Computer Virus Emergency Response Center, China's phishing websites currently account for 13% of the world's phishing websites, ranking second in the world.

●Viruses spread more diversely and more covertly

In 2005, web browsing, email and Internet downloading were the most common ways to infect computer viruses, accounting for 59% and 50% respectively. and 48%. The proportion of computer viruses spreading and damaging through network downloading, browsing and email respectively increased by 6% compared with last year

, while the use of local area networks to spread infections decreased by 7% compared with last year. It can be seen that the use of Internet communication has become a development trend in virus transmission.

At the same time, with the launch of instant messaging tools on major portal websites, the use of IM (instant messaging tools) has become an important way to spread, and it has gradually caught up with Microsoft vulnerabilities and become a way to spread viruses between networks. The preferred method, from "MSN Sexy Chicken" at the beginning of the year to "Bookworm", "QQRRober", "QQTran" that use QQ to spread, and "QQMsgTing" that can spread through a variety of IM platforms, they all use IM's vast The communication space spreads wildly. Everyone who uses IM tools will be invaded by this type of virus at least once. At the same time, during the propagation process, such viruses will construct temptation messages based on hot events in life, news figures, or pornographic information to induce chat friends to open addresses or receive virus files.

According to statistics, the number of viruses spread through IM tools has reached 2.7 million times, ranking first among all viruses. This has also made domestic IM manufacturers attach great importance to it. QQ2005 launched by Tencent was the first in the industry to cooperate with anti-virus manufacturers, and cooperated with Kingsoft Corporation to launch the world's first "QQ Security Center".

●The time interval between vulnerability viruses appearing is getting shorter and shorter

According to feedback from industry insiders, in 2005, an unpatched system connected to the Internet would not Within 2 minutes, it will be attacked by various vulnerabilities and cause computer poisoning. Therefore, although the infection rate of viruses has shown a downward trend this year, viruses still cause huge harm, and exploiting loopholes is still the most important means of virus spread.

It is understood that the current vulnerability threats encountered by ordinary users are mainly Microsoft operating system vulnerabilities. The number of newly discovered vulnerabilities in Microsoft is increasing every year. As of November 2005 alone, Microsoft had announced 51 vulnerabilities, including 27 with severe severity levels.

As we all know, Microsoft's Windows operating system has a very high market share in personal computers and has a very large user base. Viruses that exploit Microsoft system vulnerabilities to spread are obviously characterized by fast spreading speed, large number of infected people, and serious damage. The shock wave in 2003, the shock wave in 2004 and the sniper wave in 2005 are good evidence.

There are more and more viruses that exploit vulnerabilities. In the early morning of August 15, 2005, the "sniper wave" of viruses that exploited Microsoft vulnerabilities to attack computers was known as the fastest virus to exploit a vulnerability in history. It was only a week before the vulnerability was announced.

Therefore, relevant domestic anti-virus engineers tell users that the protective measures for network viruses in 2006 are mainly based on protection, but in addition, they must also have corresponding detection, response and isolation capabilities. When a large-scale Internet virus breaks out, the epidemic can be minimized by isolating the source of the virus. People must also have corresponding processing capabilities for viruses remaining on the Internet.