Ministries and commissions strengthen regulation; Tencent Security helps enterprises resist "mining" Trojans

2022-06-24 01:24:00 Tencent security

On November 16, the National Development and Reform Commission held a press conference focused on the rectification of virtual currency "mining". At the meeting, spokesperson Meng Wei set out the hazards of virtual currency "mining" and said the commission would continue whole-chain rectification of virtual currency "mining", establish a long-term mechanism, and strictly guard against its resurgence.

Drawing on its many years of security operations experience and capability, Tencent Security has built a series of solutions that help enterprises improve their defenses against mining Trojan intrusions and build a solid enterprise security defense line.

The National Development and Reform Commission steps up rectification of "mining"

At the press conference, Meng Wei, spokesperson for the National Development and Reform Commission, said that business activities related to virtual currency are illegal financial activities. The commission will focus its comprehensive rectification on industrial "mining", "mining" involving state-owned units, and Bitcoin "mining". For units on residential electricity prices that are found to be participating in virtual currency "mining", it will study imposing punitive electricity prices.

As early as September this year, 11 departments, including the National Development and Reform Commission, the Central Propaganda Department, the Internet Information Office and the Ministry of Industry and Information Technology, jointly issued the "Notice on Rectifying Virtual Currency 'Mining' Activities". The notice strengthens supervision of the whole industry chain upstream and downstream of virtual currency "mining", strictly prohibits new virtual currency "mining" projects, accelerates the orderly exit of existing projects, promotes the optimization of industrial structure, and supports achieving the carbon peak and carbon neutrality goals on schedule.

The relevant person in charge at the National Development and Reform Commission pointed out that, on the one hand, "mining" has high energy consumption and carbon emission intensity, has a great impact on China's dual control of energy consumption and its carbon peak and carbon neutrality targets, adds to the pressure on power security in most areas, and aggravates the supply and demand tension for related electronic information products. On the other hand, Bitcoin speculation and trading disturbs China's normal financial order, breeds illegal and criminal activity, and becomes a channel for money laundering, tax evasion, terrorist financing and cross-border capital transfer, which to a certain extent threatens social stability and national security.

It can be seen that the harm of "mining" Trojans is far more serious than people think.

The harm of "mining" Trojans is seriously underestimated

Does a "mining" Trojan just slow the system down and consume electricity? No! Your business may lose money due to data leakage.

In early "mining" activity, it was indeed the case that underground cybercrime groups compromised servers on a large scale, implanted mining Trojans, and then used the computing resources of the controlled hosts to mine cryptocurrency for profit. As a result, many people think that a mining Trojan only slows the system down and consumes system resources, with no destructive consequences. This view seriously underestimates the harm of mining Trojans, whose impact goes much further than that.

According to the latest report from the Tencent Security team, intrusions for mining purposes account for 54.9% of attacks on the public cloud, and Tencent Cloud has detected more than 6000 mining Trojan attacks in the past 30 days. Technology media have reported that mining Trojan attacks account for more than 25% of all security incidents.

In addition to consuming large amounts of host computing resources and interfering with normal business operation, mining Trojans usually perform high-risk actions such as "disabling the Linux/Windows firewall" and "installing a rootkit backdoor". The Trojan's controller may at any time steal confidential information from the server, direct the server to carry out DDoS attacks, use the server as a springboard to attack other computers, or even release ransomware and completely paralyze the server. The harm of "mining" Trojans is evident.

Tencent Security provides all-round solutions

How to deal effectively with such security threats, and to improve enterprise network security capability in the process, has become a common goal of enterprise security managers and network security vendors.

Tencent Security draws on a complete product matrix, including host-side, endpoint-side and traffic-side products, a security management platform and other security products and services, to help businesses deal with "mining" Trojans.

  • Host side: enterprises can deploy Tencent Host Security to detect and fix vulnerabilities, detect weak passwords and high-risk commands, and reduce the possibility of intrusion. Host Security can also automatically detect and quarantine the files that a mining Trojan downloads and drops on the host. Tencent Host Security has integrated the BinaryAI engine, which is based on artificial intelligence algorithms, giving it stronger detection of both known and unknown mining Trojans;
  • Container side: enterprises can inventory their container assets with container security, discover image and cluster security issues, and use its vulnerability and baseline detection, file access control, abnormal process protection, Trojan detection, container escape detection and other capabilities to protect containers at runtime;
  • Endpoint side: enterprises can deploy Tencent Zero Trust iOA to scan for and fix system vulnerabilities and to detect, remove and block virus and Trojan attacks. Configuring Zero Trust iOA security policies isolates potential intruders. In the worst case, even if an intrusion occurs, the security policy can confine the threat to individual compromised endpoints through micro-isolation, so that it cannot spread widely on the intranet. Zero Trust iOA's authentication capabilities can also completely eliminate the possibility of intrusion through weak-password brute forcing;
  • Traffic side: enterprises can deploy the Tencent Security advanced threat detection system (Royal boundary NDR) in out-of-band (bypass) mode to analyze and inspect network traffic to and from the intranet and discover attacks in time. Its enhanced detection of domain penetration and lateral movement is intended to catch any trace of attacker activity on the intranet. It currently supports detection across the whole process of a mining Trojan, from upload and implantation to spread within the intranet. Relying on Hubble's dynamic behavior sandbox and the self-developed TAV antivirus engine, it can accurately and efficiently detect mining Trojan files transmitted on the live network. With secure computing support from Tencent sky curtain PaaS, it provides one-click closed-loop handling from alert to response, which speeds up alert processing and improves overall operational efficiency;
  • In addition, virtual machines can deploy a cloud firewall and a web application firewall to block vulnerability attacks. The cloud firewall's built-in virtual patching mechanism can effectively block attacks on high-risk and 0day vulnerabilities; a professional vulnerability response team responds to the latest high-risk vulnerabilities and updates the interception rules promptly so that attackers cannot take advantage of them. Network traffic control policies limit the spread of threats. The cloud firewall supports WeChat QR-code login, which can completely eliminate the possibility of weak-password brute-force attacks.

Enterprises can deploy the corresponding security products according to their own network and business characteristics, and build a multi-level security defense network of their own. Sufficiently large enterprises can also set up a security operations center to manage all deployed security product capabilities in a unified way, so that the enterprise security management team can keep the overall network security situation under control. The Tencent security operations center accepts alert data from Tencent's own security products as well as data from third-party security products. With strong data analysis capability, it summarizes and analyzes the large volume of data that enterprise operations staff find difficult to handle, reduces complexity, and turns scattered, disordered alert fragments into complete threat incident investigation results presented on a timeline, making it simpler for security operations staff to detect, respond to and handle threats.

Enterprise security trilogy

Mining Trojans have multiplied and high-risk vulnerabilities are frequently disclosed; the current security situation cannot be ignored. To help government and enterprise organizations guard against the harm of mining Trojans, Tencent security expert Li Tiejun gave four suggestions:

1. Mining Trojans usually get in through high-risk vulnerability attacks and weak-password brute forcing. Enterprise security operations staff can focus on these two types of weakness, use the corresponding security products to assess enterprise assets for risk, and remediate the risks found promptly.

2. Enterprises are advised to deploy a complete, multi-level defense system that covers all nodes. Attackers often attack a single system that has weaknesses and, once successful, quickly use a large number of hacking tools to spread through the network.

3. Zero Trust iOA or other management methods are recommended for configuring strict security policies, managing employee behavior, and avoiding the download of software or server component installation sources that have not passed enterprise security audit.

4. It is recommended to organize regular network security training for employees to raise awareness of prevention, and to be careful with emails and documents of unknown origin. Stop using weak passwords, or configure multi-factor authentication for important services; weak passwords are the most commonly used avenue in all kinds of attacks.

Mining Trojans are one of the most common threats to hosts, and also a key test of an enterprise's security defense mechanisms, environment and technical capability. For small and medium-sized enterprises that lack manpower and budget, last month Tencent Security and the China Association of Small and Medium Commercial Enterprises jointly launched "The same boat project", which provides free emergency response and risk detection services to 1000 enterprises and institutions, helping many small and medium-sized enterprises make up for shortcomings in their security construction and strengthen their security defense line.

Tencent Security will also continue to share its accumulated capabilities and technology, working with industry ecosystem partners to fight "mining" Trojans together, effectively prevent the serious harm they bring, support industrial security and, together, defend what is good.
