[Industry Dynamics] National Internet Emergency Center ｜ Network Security Information and Dynamic Week, No. 26, 2022

The "Information Security Research" was reproduced by the National Internet Emergency Center to reprint the "Network Security Information and Dynamic Weekly", No. 26, 2022 (June 20-26), and will be updated regularly in the future. Welcome to follow.

The basic situation of network security this week

The overall evaluation of the Internet network security situation this week is good. my country's Internet infrastructure operation is stable as a whole, and infrastructure operation safety incidents that have not occurred nationwide or no major impact in the provincial administrative region have not occurred. The main security threats for government, enterprises, and the majority of Internet users come from high -risk vulnerabilities, malicious code dissemination, and website attacks.

This week's network virus activity

The number of malicious programs in domestic computer is about 62.665 million times, and the number of malicious programs in the domestic infection computer is about 1.424 million.

Figure 1 The number of network virus hosts infected this week

Put the horse station is the source of the spread of network viruses. This week, CNCERT monitored a total of 2,423 domain names and 5503 IP addresses. Among the 2423 domain names, the most top -level domains are .com. According to the analysis of the horsepower URL, most of the stables were accessed through domain names, and 194 were directly accessible through IP.

In response to the discovery of CNCERT's independent monitoring and reporting data from each unit, CNCERT actively coordinated the domain name registration agency, and at the same time released a blacklist on its official website through ANVA. Anva network security threat information sharing platform: https://share.anva.org.cn/web/publicity/listurl

Website security this week

This week, CNCERT monitorsed 1,835 domestic number of websites; 670 websites implanted in the back door were implanted; the number of counterfeit pages for domestic websites was 1,3001.

Figure 2 This week's domestic website infection

Important loopholes this week

This week, 383 new network security vulnerabilities were newly included in the National Information Security Vulnerability Sharing Platform (CNVD). Among them, web applications account for the highest proportion, followed by applications and network devices.

Figure 3 This week, the network security vulnerability is included

For more details related to vulnerability, please see the CNVD vulnerability weekly report. CNVD Vulnerability Weekly Release Address: http://www.cnvd.org.cn/webinfo/list? Type = 4

This week's incident handling situation

This week, CNCERT coordinated cloud service providers, domain name registration service agencies, app stores, provincial branch centers, and international cooperation organizations to handle 2,990 network security incidents, including 2,755 cross -border network security incidents. Among them, coordinating domestic and overseas domain name registration agencies, overseas CERT and other institutions focus on the 2810 page imitation complaints. Coordinate 41 platforms that provide malicious mobile applications downloading services to carry out mobile Internet malicious code processing work, and handle a total of 1,521 malicious URL links that spread the malicious code of mobile Internet.

- END -