The rapid development of the Internet is profoundly changing the social structure and social relations. Digital survival and networked life will become the norm. Human civilization is moving towards a new level under the promotion of the Internet. But the Internet is a tool, and the quality of a tool depends on its purpose. For those who seek knowledge, the Internet is a powerful tool for learning, discovering endless treasures of knowledge for you; for those who are negative, it is a spiritual opium that induces people to be addicted to games, etc. The danger of using the Internet is like the danger of driving a car accident. We do not have the convenience of not using a car accident or develop the automobile industry. It goes without saying that some illegal acts and vandalism on the Internet have brought different levels of security risks to human beings.
Although the security of the Internet world also involves property security, Internet security essentially refers to information security on the Internet, which is very different from the personal and property security in the physical world. All related technologies and theories involving the confidentiality, integrity, availability, authenticity and controllability of information on the Internet are research areas of cybersecurity.
1. Types of cyber attacks
Network attack refers to any type of offensive action against computer information systems, networking infrastructure, computer network or personal computer equipment. These attacks include sabotaging, revealing, modifying, disabling software or services, stealing or accessing data from any computer without authorization. Cyber attacks are divided into active attacks, passive attacks, and high-level persistent threats.
1. Active attack
Active attack will lead to tampering with certain data streams and the generation of false data streams. This type of attack can be divided into tampered with messages. It means that some parts of a legal message are changed, deleted, and the messages are delayed or changed in sequence; forgery refers to a certain entity (person or system) sending data information containing the identity information of other entities and pretending to be other entities; the terminal denies service, which will cause the normal use or management of communication device to be interrupted unconditionally, etc.
2. Passive attack.
In passive attacks, the attacker does not make any modifications to the data information. Intercepting/eavesdropping refers to the attacker obtaining information or related data without the user's consent and approval. It usually includes eavesdropping (including operation records, network monitoring, cracking weak encryption, illegal access to data, obtaining password files, etc.), spoofing (including obtaining passwords, malicious code, network spoofing, etc.), traffic analysis (including causing abnormal, resource exhaustion, spoofing, etc.), data flow (including buffer overflow , formatted string attacks, input verification attacks, synchronization vulnerability attacks, trust vulnerability attacks, etc.) attack methods. Passive attacks are mainly about collecting information rather than accessing it, and legal users of data generally do not notice such activities.
3, Advanced Persistent Threat (APT) Attack
Advanced Persistent Threat (APT) Attack is a form of long-term persistent cyber attack on specific targets and belongs to the category of active attacks. Before launching an attack, APT needs to accurately collect the business processes and target systems of the attack target. During this collection process, this attack will actively explore vulnerabilities in the trusted systems and applications of the target, exploit these vulnerabilities to form the network required by the attacker, and attack system vulnerabilities.
In addition, there are attacks in the form of virus Trojans, pseudo-base stations, etc.
2. The Internet faces five levels of security risks
1. National security
Cyberspace becomes a country's sovereign space. The ubiquitous information network constitutes a new space for human activities, namely cyberspace, and has become the fifth largest sovereign space after land, sea, air and space - Lingwang. Computer code controls the operating rules of the Internet and determines regulatory sovereignty in cyberspace. In the era of popularization of the Internet, the most dangerous means of international struggle is not military force, but network control.With the advantages of network technology, some countries can master the political, economic and military intelligence of other countries, paralyzing their communication networks, important facilities, financial systems and even military systems, and ultimately winning without a fight.
2. Economic security
With the penetration of the Internet into various industries, economic security has become an urgent issue. In the Internet era, most companies have suffered from cyber attacks to varying degrees, resulting in information leakage, threatening the continued operation of companies, and seriously affecting the fairness and order of market competition. In particular, companies closely related to the personal information of users, such as China Mobile, China Telecom , China Unicom , Taobao, Ctrip , Tencent , etc., have a large amount of personal information among the people. Once the information is leaked, it will seriously affect the goodwill of the company at the worst, and at the worst, it will cause economic and social security issues.
3. Social security
Today's Internet users are both consumers of information and providers of information. Unhealthy content erodes people's souls, and irresponsible remarks mislead people's emotions. The ever-banned online rumors spread incidents pollute the Internet environment, affect people's production and life, disrupt social order, and endanger the stability of the country.
The Internet has become a distribution center for various ideas, a competition field for ideological and a game base for different cultural strengths. With its control over cyberspace, some economic and cultural powers have implemented cultural invasions through the promotion and dissemination of their national culture and values, which have quietly eroded the traditional culture of other countries.
4. Transaction security
With the rapid development of the Internet, social media, and mobile terminal devices, netizens' transaction behavior has shifted to the Internet and mobile terminals. Behind all online economic activities, payment behavior will inevitably occur in the end. Internet users can handle business through online banking and realize all services on ATMs online except deposits and withdrawals through their smartphones.
Due to the huge economic benefits contained in the mobile Internet industry and its true connection with hundreds of millions of mobile terminal users, hackers have shifted their profit targets from "PC" to "mobile terminals". The real mobile Internet environment can be said to be "risk everywhere". With the development of the Internet economy, profit-seeking crimes using the Internet have increased at a rate of 30% per year, and the amount and harm of crimes have continued to expand.
5, Privacy and Security
Now there are many smart terminal models and applications, which greatly facilitates the daily work, study, production and life of the majority of users. However, security issues such as mobile phones are becoming increasingly prominent, and network hackers steal personal privacy and sensitive data such as contact books, photos, location information, call records, SMS content, application password accounts, etc. Criminals use telecommunications fraud, mobile banking to steal other people's funds, illegally obtaining other people's phone numbers to push spam advertisements, and other illegal activities are rampant, which seriously affects the normal study, life and work of the majority of users.
3. The main source of Internet security threats
1. The state organization
The highest level of cyber attacks represent the national power and serve the comprehensive confrontation and game between countries. It will comprehensively consider various factors such as politics, diplomacy, economy, society, and military. Such cyber attacks are generally state actions or illegal organizational activities with political purposes. They use network technology to collect various information on political, economic, military and social development related to national security in various computer network systems , and analyze and organize information for national security. Sometimes hacking technology is used to implant viruses into the other party’s information system, without using any traditional weapons to destroy the other party’s important facilities.
2. Business Institution
Driven by economic interests, some information consulting companies use hackers to invade the computer systems of enterprises and individuals, collect various information from netizens and industry enterprises, collect and classify and compile industry development reports, and provide consulting products and services to other institutions.
3. Business rival
Due to competition for commercial interests, some companies use hacker technology to invade opponents' computer systems to obtain business intelligence, or paralyze their opponent's operations and management. For example, if you steal information from the Internet, you can get a bid for a key project, which can be sold at a high price of hundreds of thousands or even millions of yuan in the black market.
4. Various types of hackers
Hacker attack methods can be divided into two categories: destructive attacks and non-destructive attacks. Destructive attacks are aimed at invading other people's computer systems, stealing confidential information in the system, and destroying data from the target system. Instead of destructive attacks are generally intended to disrupt the operation of the system and do not steal system data. Most of them are from computer experts. They are good at attack technology, but do not easily cause damage; they can identify security vulnerabilities in computer systems, but they will not maliciously exploit them, but publish them so that system owners can patch vulnerabilities in a timely manner and prevent illegal intrusions in advance; they are proficient in attacks and defenses, and at the same time have the rule awareness of network information security. (Li Zhimin, picture from the Internet)
