Shulou(Shulou.com)12/24 Report--

CTOnews.com, November 30, according to the Internet Security Bureau of the Ministry of Public Security, on November 30, the Ministry of Public Security held a press conference in Beijing to inform public security organs across the country that they continued to carry out a series of "net" special operations to crack down on crimes committed by hackers and their overall results, and announced ten typical cases.

Li Tong, deputy director of the Network Security and Security Bureau of the Ministry of Public Security, announced at the press conference that since 2022, public security organs across the country have cracked 2430 cases of hacker crimes and arrested 7092 suspects, effectively cutting off the underground industry chain with hacker crime as the core, effectively ensuring the security of the network and data, and effectively maintaining the normal order of cyberspace. He also briefed everyone on the relevant situation of public security organs cracking down on hacker crimes in accordance with the law, and the contents of CTOnews.com are as follows:

First, severely crack down on hacker crimes that disturb social fairness and infringe upon the legitimate rights and interests of the people in accordance with the law. Focusing on the key areas of people's daily life, such as tourism, medical education, consumer entertainment, and family activities, we will crack down on illegal seizing of train tickets, hospital registration, scenic spots, concert tickets and other social resources. hacker crimes that invade family and personal privacy.

The police in Beijing and Jiangsu detected a number of cases of illegal seizure of social resources such as medical registration in third-class hospitals and tickets to summer popular scenic spots, seized more than 200,000 groups of online accounts used to carry out illegal preemption, and identified more than 7 million yuan in funds involved in the case. Zhejiang police cracked down on a criminal gang that seized residents' consumption coupons and found out that the suspect hacked into an App server to steal and seize a large number of residents' consumption coupons to cash out. Henan police cracked down on a criminal gang that illegally hacked into and controlled cameras and identified them as exploiting loopholes to control more than 1000 household cameras, illegally snooping into other people's families, and even recording videos for profit. The Guangdong police cracked down on a criminal gang that illegally seized mobile phone "beautiful accounts" and found out that they wrote Trojans to illegally seize more than 10,000 "beautiful accounts" such as "leopard number", "serial number" and "birthday number", and illegally made a profit of more than 2.3 million yuan.

Second, severely crack down on hacker crimes that undermine the operation order of the market economy and the state tax system in accordance with the law. We should pay close attention to the crime of using hacker technology and tools to undermine the market economic order and the state tax system, and crack down on the use of chips and system loopholes, illegally tampering with core codes, replacing cheating equipment, and tampering with tax control data. criminal activities of evading taxes and infringing national interests.

The Ministry of Public Security launched a cluster campaign against the crime of illegally tampering with tanker tax control chips to steal oil and evade taxes, investigated and dealt with a large number of private gas stations involved in the case, and recovered 1.46 billion yuan in tax evasion. The police in Sichuan and Chongqing detected a number of cases of sabotaging the prevention and control of the tax system and falsely issuing value-added tax invoices, and identified 14000 false invoices, totaling about 1.5 billion yuan. The police in Shandong and Zhejiang eliminated a number of criminal gangs that carried out extortion by tampering with website pages, emptying website data, and encrypting important documents, and found out that more than 300 website platforms and more than 400 private enterprises were invaded by the criminal gang, and the amount of money involved in the case reached 5 billion yuan.

Third, crack down on the crime of hackers who invade, destroy important information systems of the state and industry, and illegally obtain information and data in accordance with the law. Focus on protecting the security of system platforms that are closely related to the national economy and people's livelihood, such as government services, education and health care, and e-commerce logistics, and crack down on crimes such as illegally hacking into and destroying relevant information systems to obtain national, industry data and personal information stored in the system.

The Ministry of Public Security launched a cluster campaign against the crime of dropping Trojans on WeCom, postal delivery and e-commerce platforms, wiped out 121 "poisoning" gangs, arrested 426 criminal suspects, and successfully dissuaded 964 enterprises from fraud. Recover the loss of more than 9350 million yuan.

At the same time, we will dig deep into the data sources of illegal and criminal activities such as private detectives, phone harassment, and racketeering, eliminate a number of criminal gangs that illegally obtain citizens' personal information through technical means, and seize billions of pieces of information and data by providing inquiries and making profits. Jiangsu police knocked down an automated attack platform, identified lawbreakers for malicious competition, private anger, etc., and used the platform to carry out 26,000 network attacks, resulting in the paralysis of a large number of websites and servers.

Fourth, crack down on criminal gangs of hackers who provide technical support for illegal and criminal acts such as telecommunications fraud and online gambling in accordance with the law. In view of the illegal and criminal activities such as telecommunications fraud and online gambling, which are deeply hated by the people, we will crack down on the criminal gangs of hackers who provide them with technical support such as data and information, drainage and promotion, and station operation and maintenance.

The Ministry of Public Security deployed local public security organs to detect the case of Trojans for the elderly, and found out that the suspects illegally obtained users' mobile phone numbers, text messages and other information by means of colluding with motherboard manufacturers to implant malicious chips, or by implanting Trojans in system brushing packages, and illegally made profits by ordering value-added services and peddling relevant information, and found out that more than 10 million elderly machines were controlled, and the amount of money involved in the case was over 100 million yuan.

Tianjin police knocked out a traffic hijacking gang and found out that it promoted illegal websites such as online gambling and online pornography by means of automatic redirection and pop-up windows, involving more than 7000 yuan. The Sichuan police solved a case of fraud by issuing virtual currency in the name of disaster relief, and identified that hacker gangs issued "Sichuan refueling coins" in the name of earthquake relief, enticing netizens to make use of the reserved back door to cash out a large number of additional cash, with a capital of 12 million yuan.

Fifth, strictly crack down on hacker crimes that interfere with the operation of the environmental monitoring system and undermine the construction of ecological civilization in accordance with the law. In view of the activities of abusing hacker technology to destroy the ecological environment, we will crack down on the crime of tampering with monitoring data such as atmosphere, water, land and so on.

Beijing police cracked a case of atmospheric pollution and found out that in order to evade supervision, the company involved illegally intruded into the background of the monitoring system and tampered with relevant data to discharge pollutants such as sulfur dioxide in excess of the standard. Henan police cracked a case of using Trojans to tamper with emission data of building materials enterprises, which involved 162 key pollution supervision enterprises across the country and verified that the pollutants exceeded the standard by more than 30 times. The Chongqing police cracked a case of tampering with wastewater monitoring data, identified relevant enterprises colluding with monitoring equipment operation and maintenance personnel, illegally obtained the authority of the monitoring system, and tampered with sewage discharge data.

Sixth, severely crack down on hacker crimes that break through security restrictions and illegally obtain authorization and permission in accordance with the law. Focusing on the platform systems in the fields of production safety, health and quarantine, transportation and other industries, we will crack down on the crime of illegally obtaining employment qualifications, quarantine certificates and safety permits by tampering with data and exceeding authorization.

The Ministry of Public Security deployed local public security organs to eliminate a number of hacker gangs that tampered with the authentication system data, illegally qualified construction workers and freight drivers, and found out that the relevant personnel were engaged in construction, road transport and other activities without safety training; in view of the drone interference with the airport and other random images, the Ministry of Public Security smashed a number of criminal gangs that cracked the procedures for the prohibition and height restriction of drones, and seized thousands of cracked drones. Solve a number of driving school fraud cases, find out that hackers help driving schools and students forge driving videos and positioning data, fabricate the duration of training, and seek improper benefits.

Guangdong police knocked out a gang that made remote control equipment and illegally controlled parking elevators, and found out that buyers used the equipment to evade parking fees for a long time.

In response to a reporter's question about the increasingly prominent aspects of hacker crime, Shi U, deputy director of the Network Security Bureau of the Ministry of Public Security, said that hacker crime mainly includes illegal intrusion into computer information systems, illegal acquisition of computer information system data, illegal control of computer information systems, and provision of programs and tools for intrusion and illegal control of computer information systems. And the destruction of computer information systems.

Judging from the cases investigated by public security organs in recent years, the current trend of hacker crime is as follows:

One is to become the "technology engine" of network-related crimes. According to the statistics of the Ministry of Public Security, the number of hacker cases has increased for three consecutive years, with an average annual increase of 27.7%. In addition to directly invading and destroying computer information systems, criminals also steal data, tamper with websites and hijack traffic by means of stealing data, tampering with websites, hijacking traffic, and so on. for telecommunications fraud, online gambling, online pornography, online water army and other illegal and criminal activities to provide technical support, material information and promotion and drainage services.

Second, the field of infringement extends from online to offline. With the widespread application of network information technology in traditional industries, the target fields of hacker crimes are becoming more and more extensive, and criminals gradually extend their criminal tentacles from the Internet to the offnet. for example, remote control parking rods, tampering with tanker tax control chips, interference environmental monitoring equipment, etc., intertwined to form a virtual and real crime network.

Third, the modus operandi is becoming more and more diverse with the development of technology. With the development and changes of artificial intelligence, blockchain, Internet of things and other new technologies, new business type and new applications, the modus operandi of hacker criminals are also constantly upgrading. For example, the use of artificial intelligence technology to forge portraits and voice, the use of blockchain intelligent contract loopholes to issue a large number of "virtual currency" to extract other people's property and other new situations emerge one after another.

Fourth, the technical threshold is constantly decreasing, and the characteristics of low age are remarkable. Under the condition of high sharing of information on the Internet, thousands of hacker tools have been circulated on the Internet. Most of the hacker tools have detailed tutorials and easy to operate. Criminals do not need to master professional technology to use these tools to carry out vulnerability scanning, Trojans, DDoS attacks and other criminal acts. The average age of hacker criminals is decreasing year by year, and some pupils are even found to be proficient in using hacker tools.

Fifth, the social harmfulness of hacker crime is becoming more and more serious. Hacker crime is changing from "showing off skills" to "encroaching on wealth and seeking profits", from "fighting alone" to "gang crimes", stealing network assets, infringing upon citizens' property rights and interests, seizing public resources, disturbing social fairness and justice, interfering with pricing and metering system, destroying market economic order, tampering with ecological monitoring data, destroying the construction of ecological civilization, forging professional qualification certificates, endangering production and traffic safety. Provide multi-link help to promote vicious crimes such as telecom fraud.

The reasons for the high incidence of hacker crimes Huang Xiaosu, second-class director of police technology of the Network Security Bureau, answered the reporter's question about why hacker crimes occur frequently in areas closely related to the production and life of the public.

She said that the main reasons are as follows:

First, the system protection ability is lack, the user protection consciousness is insufficient. At present, some responsible units do not pay enough attention to network security and fail to upgrade and maintain the relevant systems in time, resulting in a large number of high-risk vulnerabilities and high-risk ports for a long time, giving hackers an opportunity. At the same time, the relevant system users and netizens lack awareness of network security protection, and the passwords used on a daily basis are often default and simple passwords of systems such as "123456" and "admin", which can be easily cracked by hackers, thus stealing a large amount of critical information, data and citizen property.

Second, hacker tools are increasingly rampant and the threshold for crime continues to be lowered. At present, there is a flood of hacker attack tools and automated attack platforms in the name of technology sharing and technology exchange, the code is easily available, and the relevant attack tools and services are cheap, detailed tutorials and simple operations. as a result, lawbreakers who do not have professional and technical capabilities can also easily carry out system intrusion, data theft and network attacks by purchasing hacker tools and services, resulting in a continuous rise in the incidence of hacker crimes.

Third, hacker crimes are tied to the underground industry chain, resulting in a substantial increase in illegal profits. Public security organs investigated and investigated cases and found that the growth rate of hacker crimes aimed at invading property is obvious, accounting for more than 90% of all hacker cases.

On the one hand, with the acceleration of digital transformation, online virtual property forms a huge "treasure", attracting hackers to directly steal company and personal online banking funds and virtual property through technical means to make exorbitant profits. On the other hand, as telecommunications fraud, network gambling, and malicious competition among enterprises all have a strong demand for system permissions and information data, hackers continue to invade all kinds of system platforms, steal sensitive data, and maliciously drain and popularize them, promoting the development and growth of network-related criminal gangs such as telecommunications fraud and network gambling, and related crimes also rely more on hacker technology, forming a vicious circle.

Daily hacker crime techniques Shi U, deputy director of the Network Security Bureau of the Ministry of Public Security, introduced the hacker crime methods that may be encountered in daily production and life when answering a reporter's question.

He said that at present, among the crimes committed by hackers, there are mainly the following five criminal methods that are closely related to the daily production and life of the majority of netizens and enterprises:

One is blackmail virus attack. Hackers spread the extortion virus through e-mail and instant messaging tools, threatening to encrypt user files, destroy users' computer functions, publish or delete users' sensitive data, and force users to pay ransom and carry out extortion.

The second is phishing attack. The hackers disguised themselves as people with high trust in government departments, financial institutions, acquaintances and friends, and lured users to click on the "phishing" link to directly submit personal information or download malicious programs, so as to carry out illegal and criminal acts such as theft and precision fraud.

The third is weak password attack. Hackers obtain a large amount of account information through illegal channels and use technical means to crack relevant account passwords and steal user assets or system permissions. This kind of attack has a high success rate for users who use simple passwords such as mobile phone number and date of birth, as well as users who use the same password on multiple platforms.

Fourth, traffic attack. That is, the DDoS attack that we often mentioned, hackers send a large number of data packets to the attacked host and server through a variety of ways, resulting in the host or server unable to respond to normal requests, in a continuous state of "downtime", the business system is paralyzed and users can not access it normally.

Fifth, the intrusion of Internet of things equipment. Hackers take advantage of loopholes in Internet of things devices such as surveillance cameras, smart homes and smart cars to carry out intrusions, obtain system control rights, steal user privacy data, or control Internet of things devices.

How to avoid hacker attacks Li Tong, deputy director of the Network Security Bureau of the Ministry of Public Security, said in response to a question from journalists about how enterprises and citizens should avoid hacker attacks and protect their own system security and data security in production and life, enterprises should first strictly implement the management responsibility in order to do a good job in network security, and register and evaluate the website in accordance with the requirements of "who is in charge and who is responsible for operation". Implement security measures that match the importance of the business, and do a good job in daily network security protection.

Specifically, the public security organs suggest three points for attention:

First, we should pay close attention to high-risk vulnerabilities, high-risk ports, and weak passwords, strengthen the management of firewalls and security software, reasonably assign employee rights, upgrade multi-level password protection, strengthen software and equipment protection, and prevent hackers from invading the system.

Second, it is necessary to formulate emergency plans for network security incidents, often organize security drills, discover and rectify network security vulnerabilities in a timely manner, and ensure the safe and stable operation of the network.

Third, it is necessary to establish a risk early warning mechanism, promptly deal with security risks such as system loopholes, computer viruses, network attacks, and network intrusion, and keep server logs in accordance with the law. When you find that you have been attacked by a hacker, you should immediately cut off the network, keep the evidence on the spot, and report the case to the public security organ in time.

For individual citizens, the public security organs also suggest three points for attention:

First, it is necessary to enhance the awareness of network security, install firewalls and antivirus software and other protective measures on the Internet, improve and repair system loopholes, and upgrade network applications in a timely manner.

Second, we should be vigilant, do not click on unknown URL links, scan QR codes of unknown origin, do not connect free wifi hotspots at will, and avoid being implanted with Trojans.

Third, to do a good job of password management, do not set the network account password, boot password, lock screen password, payment password and so on to name pinyin, birth date and other simple characters, it is best to change the password regularly.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.