In recent years, many foreign government websites and important business systems have been attacked on a large scale many times, causing the network to be paralyzed for up to several weeks. According to the "Observation of Cybersecurity Vulnerability Situation in the First Half of 2022" released by the China Information Security Assessment Center, the government industry is still the key target of exploitation of vulnerability attacks by overseas hackers and APT organizations. Among them, the number of attacks through Log4j vulnerabilities exceeds 80 million, occupying the top of all vulnerability exploits. Typical vulnerability exploit attacks are mainly targeted at information systems in government agencies, education, and IT industries.
Image source: "Observation of the Cybersecurity Vulnerability Situation in the First Half of 2022"
Faced with the increasingly severe cybersecurity threat, my country has continuously built a solid legal line for cybersecurity. With the introduction of laws and regulations such as the "Cybersecurity Law of the People's Republic of China", "Data Security Law of the People's Republic of China", and "Personal Information Protection Law of the People's Republic of China", government agencies, as industry regulatory units and network security operators, have significantly improved their network security protection capabilities in key information infrastructure. However, the following four points are still facing the following network risks in the construction of my country's digital government:
During major events, hacking activities will be very rampant. How to implement the network security responsibility system, comprehensively and in-depth investigation of problems and hidden dangers, strengthen the construction of the network security guarantee system, and make emergency preparations, so as to effectively prevent various types of network threats in special periods, prevent the occurrence of network security incidents, ensure the security of important government information systems and portal websites, and ensure the stable operation of networks and businesses is the top priority of network security work.
The government industry mainly faces problems during the reinsurance period:
1. During the reinsurance period, the critical infrastructure is the key target of the attackers. How to ensure the safe and stable operation of the website and important business system?
2. Some units have serious shortage of support personnel. Faced with the sharp increase in pressure on multiplying cyber attacks, the heavy maintenance work is not available.
3. During the re-insurance period, once a government unit discovers a security incident, it will have a serious negative impact. How to detect attack behavior in a timely manner, quickly analyze and judge, and quickly deal with security incidents?
中文 security important period guarantee plan
中文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文 文Based on the methodology of pre-prevention, in-process monitoring, and post-process management, combined with AsiaInfo security offensive and defense research capabilities, professional security service teams, and product capabilities integrating threat monitoring, defense and blocking, a security guarantee plan "pre-inspection of re-insurance, safety guarding during re-insurance, and review and summary after re-insurance". The specific work ideas are as follows:
Security guarantee results for a certain government customer offensive and defense drill
In the network security offensive and defense drill, the Asia Information Security Service Team successfully escorted a certain government customer and achieved the best result of "0 points lost". It was called a "team with combat effectiveness, a high sense of responsibility and technical strength" by the customers. During the preparation stage of the drill, comprehensively conducted a security assessment of the current network status, and comprehensively discovered the security risks of government users through internal and external network asset sorting, security detection, and special security investigation. Based on the security risk investigation and actual network status, XDR security protection system is built to form a practical and practical protection system covering "cloud, network, edge, and end". According to the responsibilities of each department of the user unit, assist in establishing a closed-loop security risk treatment process from risk monitoring, analysis and judgment, emergency response to tracking and tracing, which greatly shortens the response time of security incidents. During the official exercise of
, the Asia Information Security Service Team conducted 7*24-hour monitoring and duty, adopting a 1212 personnel composition model (1 project manager, 2 offensive and defense experts, 1 product expert, and 2 monitoring and handling), successfully defended thousands of cyber attacks, analyzed and dealt with hundreds of security incidents, effectively ensuring the safety of the government customers, successfully completing this offensive and defense drill and defense activity, and gaining high recognition from users.
中文 security guarantee service capabilities in important periods
Based on the in-depth defense system, comprehensive threat perception capabilities
assists in building a "cloud-based, linkage, and intelligence" in-depth defense system, realize security protection in the cloud environment and traditional environment, realize "one-point perception, full-network immunity", realize learning, detection and response of unknown virus rules, realize automated monitoring, response and blocking of security incidents, and improve security threat discovery and risk control capabilities in important periods.
covers the national professional security guarantee capabilities
中文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六文六�
Rich guarantee experience
AsiaInfo Security has always actively participated in and cooperated with the network security protection work of major national projects. It is a national-level network security emergency service support unit, a technical support unit of the national information security vulnerability database, etc. In recent years, it has participated in and successfully implemented more than 30 important national network security tasks such as the Two Sessions, the Beijing 2022 Winter Paralympic Games, and the 100th anniversary of the founding of the Party. It is a technical support unit of the national network and information security information notification mechanism and the main force in security of important national activities.
