align="left"> August 16th, the fourth China Internet Security Conference (ISC 2016) was held at the National Convention Center in Beijing, the current assembly to co build security + community with the fate of the community as the theme. Aimed at the joint network security field think tank, to build the Internet platform for information exchange, network security forces.
At the August 17th China Internet Security Summit, invited to the ISC chief scientist, Cyphort co founder and chief architect bow peak min as the host of the summit.
The summit, SCADA StrangeLove, head of the research team, Web application security alliance expert Sergei Godyczyk took the lead in his speech "the network threat analysis to share in the Internet" in different areas of experience.
Attack features: "quasi" and "fast""
Sergei said, in real life, businesses, users may not necessarily become the main target of the attack the attacker, the hacker can accurately find a weak link in the supply chain, through the gap to invade the weak system, when the enterprise users, partners is a successful hacker attack, will jointly the enterprise, users become victims of the goal.
In addition to accurately find a breakthrough in the network attack, Sergei also stressed that the speed of the network is also growing faster. He passed after the discovery of the SWIFT attack to the participants that, in 2016 February, a new group of hackers growing momentum, the more complex technology, the use of SWIFT attacks quickly invaded the ATM machine control system in Taiwan, hackers can not in the bank card and password situation, remove the ATM cash machine.
In addition, Sergei also mentioned DDos attacks, according to their survey data show that there are currently about more than and 20 DDos attacks against China, and mainly to state-owned enterprises and government agencies as the goal.
China's industry is more likely to attract attacks
Sergei also stressed in his speech, industrial control security has now become a real problem. This is because some of the industrial controller, construction equipment is a lot of years ago, when the level of technology and software is very backward, for now the hackers, almost everywhere there are loopholes. According to some research laboratory, industrial control system of 220558 online devices, more than 17 thousand of which are very fragile, because they are connected with each other between them, everyone may directly into the system, so as to control the industrial process.
Sergei especially pointed out that this is particularly important topic for China, many industrial buildings and equipment China, only to the smart grid, China now has more than 10 thousand, while Russia is only more than 1 thousand, so Chinese industry more vulnerable to attack. And almost all of the industrial control system of the factory and connected to the Internet, hackers attack as long as one system, it is possible to attack by other industrial fields.
Finally, Sergei concluded, he most wanted to give the main information you convey is not afraid of him, I believe we are all professional security sources, with their knowledge and experience, in addition, only through the government, supervision department, the industrial control system, ICS suppliers and key infrastructure operators work together to change the current heavy network threat situation.
"We need to work together to ensure the security of our national infrastructure and the security of the global infrastructure." Sergei said.