On January 19, 2016, the security dog, a cloud security service and solution provider, released the 2015 China Internet server security report (hereinafter referred to as the report). This report makes statistics and Analysis on the situation of server security threat and attack in 2015. According to the report, servers are still the main targets of hacker attacks in 2015, 46.6% of which are attacks against website applications. Security dogs help websites intercept more than 2 billion attacks and nearly 200 million host system level attacks.
The report also shows that the security dog has captured more than 1.95 million Web backdoor webshell on 153502 servers, an increase of 59.8% over 2014.
Server is still the main target server of hacker attack. Although it is the core engine of stable development of enterprise business, there are still many problems, which lead to server attack. According to the report, unhealthy servers account for 23% of the servers protected by safe dogs, and sub healthy servers account for 54.2%.
In 2015, Internet servers are still the main target of hacker attacks, and a large number of servers have been hacked. According to the attack surface, the report divides the attack types into four categories: network level attack, website application attack, host system attack and cloud environment attack, of which website application attack accounts for 46.6%, ranking first.
Brute force attack is the largest attack method in the network level, with an average of 50 million attacks per month. Brute force attack is very harmful. Once the brute force attack is successful, the attacker can create an illegal account, install malware (most of these attacks, most of the installed malware has scanning function) and other operations.
The security dog intercepts more than 2 billion attacks on Web applications, occupying the top of application attacks, and is the primary entry for hackers to attack servers. According to the report, in 2015, the security dog intercepted nearly 3.24 billion web site vulnerability attacks, with an average of 270 million Web site vulnerability attacks per month.
In addition, Xiaotian, a backdoor search engine released by security dog, captured more than 1.95 million webshell in 2015, of which the "one sentence Trojan" type still accounts for the highest proportion in the overall sample.
In terms of hacker attacks, Beijing, Zhejiang and Jiangsu are the most active areas to attack IP and the most attacked areas for servers. At the same time, it was found that IP (123.125.160.217) from Beijing launched the most attacks, up to 62418850 times. From the perspective of the industrial attributes of attack target servers and websites, with the rapid development of Internet finance, e-commerce and game industry, the proportion of attacks has also increased significantly.
In 2015, the network security technology has undergone an important change, and the network security market is also showing a thriving state. This year, with the continuous expansion of cloud computing market, cloud security has gradually become an important security trend. Meanwhile, the concept of "security is service" has been accepted by users and recognized by the market.
The full text of security dog 2015 Internet server security report can be downloaded and viewed by yourself: http://www.safedog.cn/download/software/year2015.pdf the open link of online disk is (downloadable): http://pan.baidu.com/s/1pkxiza7