Basic period of 18 years, now is the Inner Mongolia Autonomous Region of sophomore high school students a priority. In the past year or so, he has attacked more than 2,200 sites inside and outside.
May 30, basic period in Hohhot home was arrested. Worrying is the basic period case again highlights the government websites of many of our security management and preventive measures weak
Vulnerable to attack.
Suizhou attack only a few seconds of Government Information Network
This year on May 22, Hohhot detachment received the Public Security Bureau in Hubei province network monitoring network monitoring Suizhou detachment and an investigation the Public Security Bureau Notice: May 15, a CRC using the IP address of the user Hohhot attacked Suizhou government information network, with the result E-government system paralysis 3 days, in the community caused by the more severely affected. May 30 at noon, basic period suspects at the home of Hohhot was arrested.
Basic period, according to account, his 6th grade elementary school when they are infatuated with the Internet, to a junior high school, he taught himself to master the network programming, and then he concentrated on studying online hacking techniques, began to attack others sites. Since 2006, he has attacked more than 2,200 domestic and foreign sites, which attack the mainland site Heilongjiang Information Network, Suizhou government information network, Hohhot talent network, Hohhot, such as more than 200 financial web sites, most government Web site .
Basic period also confessed that he was attacking all the dynamic pages, not static pages. In his view, the ability to prevent static pages too low. Every time he selected to attack the site, this site's home page will be saved, and then attack, hackers change into his web. Attack is successful, he will have to leave their own page 3 QQ number, a MSN account and personal home page, hoping to be attacked by more than chat site to contact him and ask him to resume website. "But almost no one with me!" Said basic period.
Basic period that, compared with overseas websites, the mainland sites are too obvious flaws, most no intrusion detection, authentication, encryption and other systems, it is easy to attack. For example, he "black" Suizhou government information network, only a few seconds; "black" talent network and Hohhot Hohhot Financial Network, spent about 2 hours.
He also recalled that when "black" Tongji University campus, he was still on the first two days, technology is not very high, but this site is too obvious loopholes, no fee will succeed a big strength.
Government Website "shoddy" problem can not be ignored
The case of basic period reflects weak government website security measures. Hohhot detachment of the Public Security Bureau Network monitoring unit responsible Li Court cases are concerned.
"Why do some children learn a little web knowledge, you can 'black' government website, it is because the Government's site is not prevention, as the door was open, a thief can not get in?" Li said Court.
According to the police analysis, in order to meet the "Government information technology projects" examination, all levels of government and party and government organs, institutions have set up a website, some web site producers are shell companies, the website done, this company could not find a , without mentioning the daily technical services? Meanwhile, some government building site is a one-time investment, no follow-up investment, no professional team to maintain, web pages are not updated a long time (that static page), and even hacker attacks have disdain.
According to analysis, some sites do not take protective measures to upgrade at any time, the result became the "Naked Network"; also the site without logging by hacker attacks, can not leave a valid evidence, it very difficult to bring the police in handling cases .
Account of basic period, if the use of scanning technology hackers will find vulnerabilities within the web site has many, many of which are government-run.
According to Li Kok, China's government website of cases subjected to hacker attacks have occurred, most did not report the one hand, the attack site after the resumption of professional and technical personnel; the other hand, left no evidence, not hackers know that infection with a virus.
In accordance with state regulations, site security measures there are five main points: First, enter, second read, third is well finish fourth, out into chaos, Fifth, instead of petrol.
However, police in the government in Hohhot site inspection found that many sites fail these requirements. Police asked to site remediation, always pushing each other, said no money or no expertise.
Maintaining network security is related to the government's reputation
Li Court noted that the network security for the state, enterprises and individuals of great importance, especially in the security of e-government system, is related to state organs and institutions of the normal operation, as well as national security, government websites should be highly concerned about security issues .
Experts believe that, with widespread use of network technology, a large number of hacking techniques to teach the information transmission in the network so that some computer enthusiasts in curiosity, Chengneng driven by factors such as learning hacking techniques, and those with weak security measures Web site attacks.
According to Wang Shaowei account of his hacking techniques are learned from the Internet, the "black" people's web site is to show their level, do not know if this is illegal.
Yan Chen, director of Inner Mongolia Academy of Social Sciences Sociology and others suggested that all levels of government in promoting the information process, not only attach importance to website building, website maintenance should pay more attention to increase investment, strengthen management, to build information security firewall.
On the other hand, the experts recommended to strengthen the network of moral education, to further improve network security and cyber-crime legislation. Yan Chen, who said that the prevention of juvenile crime is a whole network of society should be concerned about a major project. Schools, families and society should take responsibility. Various ways to help young people establish a network of ethics, to increase the existing network of laws and regulations propaganda, enabling them to know and abide by the law.