Almost 40% cyber hacks originate from China. Is that the whole truth?
By Zafar Anjum December 7, 2016
- Global hackers are using China as a conduit to commit cybercrimes
- NSFOCUS markets threat intelligence data feeds including from North Asia and China
CHINA is known as the 'internet attack' capital of the world as it is believed that almost half of all cyber hacks and viruses originate in that Asian country.
This claim is backed by research data. For example, Massachusetts-based IT company Akamai says 43% of internet attacks originate in China.
About a month ago, about 3.2 million Indian debit cards were hacked. Many blamed hackers in China for having pulled off this cybercrime. John McAfee, one of the pioneers of cybersecurity, said in an interview that Hitachi was being blamed because they are the manufacturer of many of the affected ATMs but forensic analysis pointed to Chinese actors. At the same time, he cautioned that he had ‘little faith when it comes to determining a source, in our cybersecurity forensic tools’. It is far more likely to be an actor from within India, he said.
NSFOCUS Web Security Product Management director Guy Rosefelt (pic), made the exact same point when he was recently in Singapore to participate in a cyber-security conference.
“It is true that up to 40% of the world’s attacks originate in China but our research shows that their actual source of origin is the US, Russia, the Middle East and Brazil,” he said. What he meant to say was that global hackers are using China merely as a conduit for committing their cybercrimes.
Rosefelt’s words can’t be taken lightly. The company he works for, NSFOCUS, is an award-winning enterprise network security provider, a Chinese security company with its corporate HQ in Beijing, China but with international headquarters in California, US, and operations in the Americas, Europe, the Middle East, and Asia Pacific.
It is the only company that markets threat intelligence data feeds including from North Asia and China, Rosefelt claimed. His company is globally recognised for contributions on global threat intelligence.
A Chinese security company?
A security company coming out of China with global ambitions sounds like an anomaly. But NSFOCUS has succeeded in proving its worth in the digital security space. In fact, it has exploited the weakness, that of being the epicentre of global cyberattacks, and turned it into an opportunity.
According to Rosefelt, China has certain advantages in this area: Zero-day malware is seen in China first, and the world’s largest anti-virus and malware companies have a small presence in China.
China being its home-market, NSFOCUS’s vast infrastructure discovers malware quickly and creates signatures. Then it distributes the signature through its international cloud. “The largest AV and malware vendors will not see malware until days later,” he said.
Because of its strong presence in China, NSFOCUS has learnt to combat the increasingly complex cyber threat landscape through the construction and implementation of multi-layered defense systems.
“The company's Intelligent Hybrid Security strategy utilises both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide unified, multi-layer protection from advanced cyber threats,” said Rosenfelt.
Today, the company has 2,000 global employees and 20,000 global customers. Its research arm, the NSFOCUS Security Labs, is a renowned technical research centre that tracks and analyses global intelligence while identifying new network vulnerabilities and security trends.
NSFOCUS has fifteen years of success and experience working with Fortune 500 companies, including four of the world’s five largest financial institutions, as well as organisations in insurance, retail, healthcare, critical infrastructure industries as well as government agencies.
Successfully safeguarding assets during G20 Summit in China in 2016
According to Rosenfelt, Cybersecurity discussions were a top priority at the G20 Summit 2016, a global economic leadership forum attended by world leaders from 20 major economies, held in Guangzhou, China in September 2016.
An event of this scale naturally attracts cyber hacks. To protect the event from cyber-attacks, NSFOCUS was commissioned by China’s Ministry of Public Security to provide 24x7 cybersecurity protection for networks and applications associated with the G20 Summit. The company passed with flying colours. It successfully defended against 133,254 attacks targeting the G20 network.
“Securing an event of the size and prominence of G20 is an enormous undertaking,” said NSFOCUS Asia Pacific senior vice president Attley Ng.
“Cybercrime is evolving with hackers moving beyond traditional attacks to more advanced threats, and geopolitical conferences are always an ideal target for malicious activity. In order to combat these threats and ensure the security of the summit, NSFOCUS took a holistic approach and implemented an integrated and layered security solution to protect the G20. As a result, the event carried on as planned, and the striking number of incoming attacks did not disrupt activities.”
During the event, NSFOCUS secured 12,728 web applications and key pages linked to the G20 Summit, while at the same time defending 359,830 other critical business systems owned by NSFOCUS customers. Beginning Sept 1, NSFOCUS mitigated more than two million web attacks, including, 133,254 attacks targeting the G20 network.
“To do so, the company provided 28 systems that delivered attack traffic scrubbing, intrusion prevention, and web application security, all of which were continually updated with NSFOCUS global Threat Intelligence. The NSFOCUS solutions included next generation IPS, anti-DDOS systems, remote security assessment systems, web application firewalls, and WebSafe SaaS, a cloud-managed service for web servers,” said Ng.
“During the course of the conference, NSFOCUS protected G20 assets and customers against a non-stop barrage of attacks,” said Rosefelt.
“Hundreds of thousands of attacks executed over the course of several days presents a significant danger to even the most secure network. It’s worrying, but not surprising, to see such a force unleashed on the summit. NSFOCUS is proud to have defeated these attacks on a key leadership forum like G20.”
“With the renewed focus on Asia on the global stage, the need to secure networks and data exchanges becomes big business. The role of threat intelligence and awareness of the global threat landscape becomes significant,” said Ng. “Securing the G20 summit was an important milestone event that demonstrated our capabilities and expertise on the global stage.”
NSFOCUS has a longstanding history of securing major global events such as The World Internet Conference, 29th Olympic Games, the Big Data Expo, and IAAF World Championships in Athletics.
It is a rare to see a security company from China making its mark in the global security landscape. Now that China is overtaking the US as the world’s biggest economy, nothing can be ruled out.
Confident Chinese companies play well in the global market. Huawei had a tough time in establishing its credentials in markets outside China but eventually it did. Who knows, NSFOCUS could be next.
(Zafar Anjum is DNA's Contributing Editor in Singapore)
Kaspersky Labs: Targeted attacks on the rise
Cybersecurity: Why sharing is more than just caring
Fewer than 10% of APAC companies understand how cyber-attacks are performed
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.