Cybercrime Prevention from the Perspective of Anti-Cyber-Attack Technology ——The Thinking and Practice of the Enterprise

Home , Cybercrime, Malware

Cybercrime Prevention from the Perspective of Anti-cyber-attack Technology ——the Thinking and Practice of the Enterprise

Dr. Liyun HAN 360 Dipper Research, the Future Security Labs 2020.07.29 @ UN IEG Conference The Overall Scale of Cyber Underground Economy

Top companies paying for cyber security $25/min vulnerabilities per minute in 2018

Global economic loss per minute $ 2.9 million/min due to cybercrime in 2018

Estimated global economic loss per minute $ 222184/min due to ransomware attacks in 2019

From：The Cybersecurity Law Research Center of the Third Research Institute of the Ministry of Public Security P.R.C. 02. 360 Mobile Guard Statistics: Mobile Malware

Unit:10 thousand

03. 360 Mobile Guard Statistics: Internet Fraud

04. How to Understand Cyber crime？

Typical Cybercrime Typical Characteristic Industrialization, the chain is long and tight ① Traditional E-crime • The upper reaches: the hackers to provide technologies • The middle reaches: black production gangs • The lower reaches: various related organizations who support Tech：Fake IP address, URL redirection, botnet black production gangs.

Crime：Telecom fraud, Internet gambling, spreading pornography via chatroom, online social suicide, Grouped Form copyright infringement It involves cross-department, cross-industry, cross-platform and even cross-border criminal actions, forming a close network loop Crime enabled by hacking and defense ② technology

Tech ：exploiting Vulnerabilities, ransomware, Increasingly enhanced technical means Malicious Trojan and anti-reconnaissance capabilities

Crime ：Illegal intrusion, control, and destruction of computer information systems, stealing data, production and spread of viruses, and paralysis of 05. systems Long Chain Attack by Hacker Penetration

Target to attack Serious security incidents may happen thoughthe the hacker’s behavior in the intranet environment seems to be legal. Criminal Intranet

Exploiting vulnerability Send messages Obtain legal with legal identity credentials to Production Smart entry Appliances shutdown

Get phone permissions by Malicious OA server Industrial Trojan Control Server Obtain valid credentials and legally entry 06. Employee’s phone Black Production Chain of Malware

01 Exploiting the malicious Trojan

① Remote control ② Traffic hijacking 03 ③ Botnet ④ Hacking 02 ⑤ Malicious downloading Main types of cybercrime

Spreading via smartphone ① DDOS attack, traffic hijacking ① Downloading maliciously implanted viruses ② Illegal trading of personal through APP information stolen by malicious ② Spreading malware through mobile web pages programs ③ Spreading malware through scanning QR codes ③ Use malware as tools to by mobile phone users implement fraud and extortion ④ Spreading through communication software email 07. Three Key Steps for Cyber Crime Governance

1 Individual 2 Governance of Public 3 The judicial Protection Network Environment punishment

Prevention can kill crime in the cradle

The key influencing factor of prevention is the capability Network attack and defense tech

To Improve the pre-capability and the capability of identifying, detecting, responding and controlling 08. Case：Anti-phishing Websites Protection

Protection Detection § All round blocking phishing websites § Accurately detecting phishing sites § For PCs and mobile devices § Detecting the rogue base station § Blocking phishing websites through threat intelligence sharing mechanism and reporting in real time Investigation & Analysis § Real-time query of phishing websites § Malicious sample storage 09. § Customized report Technology-driven Cybercrime Prevention

Big data analysis Security analysis and response Identification, detection, platform interception during anti-fraud, Multi-dimensional detection anti-gambling, anti-pornography Financial fraud prevention engine and others underground economy platform industry combating process Vulnerability mining Telecom fraud prevention PC & mobile endpoint Security enhancement in protection technology industrial internet and various Microscope APP fields of information scanning platform Traffic monitoring infrastructure, such as BFSI, server provider, Energy and Deception defense Cloud security service others.

Technology Platform Crime prevention scenario 010. Cases and efforts of 360

1 Malware Blocking 110 million times per day

Discovered more than 2,000 CVE vulnerabilities from mainstream global vendors including Apple, Google, Microsoft, 2 Vulnerability Discovering Huawei, Qualcomm, VMWare, etc, and assisted them in vulnerability location and repair, which can reduces the possibility of criminals exploiting vulnerabilities to commit crimes

Committed to cybersecurity education for 3 360 University of Cybersecurity users and cyber security practitioner in China and some developing countries

011. Responsibility · Cooperation · Ecosystem 预防与打击结合 Combination High-level responsibility of Prevention promote the industrial safety ecosystem l The Security + Internet Combating Multi- Public Responsibility participating Innovative And l Prevent cybercrime Technology collaborative 多方 Platform ecosystem 协同 Industry Collaboration 合作创新型 l Security data sharing 技术平台 l Promote industry safety standards 产学界 Platform Responsibility 交流 Communication l Security technology operation and maintenance with Academia l Platform information governance and Industry 012. We are looking forward to the further discussion and research with you.

Email: Dr. HAN Liyun [email protected] THANKS For academic cooperation please contact via: [email protected]

FUTURE SECURITY LABS the infinite future