Executive Summary
2019 witnessed more intense challenges in global political and economic orders. Restricted by various conventions, agreements, and protocols, traditional military means are now the last resort. In this context, attacks on the financial sector and on the cyberspace become the first choices for rival countries to try on their modern military strategies. Predictably, these attacks will probably become regular approaches in the future. By the time when the 2018 Cybersecurity Insights was released, the following trends had taken shape regarding cybersecurity: The window between the discovery of a vulnerability and the effective exploitation of this vulnerability was shortened; the DDoS attack size steadily grew; emerging threats like those from the Internet of Things (IoT) rose sharply; such malware as backdoors, cryptojackers, worms, trojans, and botnets were still active. When it comes to information disclosure, the AcFun website was hacked, leading to a leak of nearly 10 million pieces of user data; India’s Aadhaar (India’s national ID database) number leak affected 1.1 billion citizens. Information disclosure events have hit record highs for six years in a row since 2013. The four enterprises, namely Facebook, Equifax, British Airways, and Marriott International, together were fined approximately USD 9 billion for privacy and information leaks, more than the aggregate market value of the cybersecurity industry in China in that year.
In the past few years, the cybersecurity awareness has been greatly improved. Related events are attracting attention from not only industry insiders but also all other people that the media can reach. Major cybersecurity events, including ransomware attacks, DDoS attacks, and IoT compromise, could affect social and economic activities in various sectors, stressing out IT professionals and security teams. The large-scale power outages in Venezuela and Ukraine, Iran’s missile launchers being paralyzed in a hack, and other incidents targeting a country’s critical infrastructure have changed people’s perception of cybersecurity, making them realize that cyberattacks are not just for personal showoffs and financial pursuits, but can impact the national security. This leads them to better understand a united system of land, sea, air, space, and cyber forces. Following these incidents, Russia tested its unplugged Internet and the USA unveiled a spending bill that includes millions of dollars for election cyber security. All these newsmakers keep opening people’s eyes and support the statement that “the security of the cyberspace is an integral part of national security”.
At the same time, governments around the world have put in place various measures to address cybersecurity.
In 1993, the USA issued the National Information Infrastructure: Agenda for Action . Two years later, it made the concept of information warfare known to the world. Since then, in over 20 years, the USA has developed and updated many policies, laws, and regulations around the country’s defense capabilities in the cyberspace. Well-known examples of these policies, laws, and regulations are Joint Publication 3-13: Information Operations, USA Patriot Act, Comprehensive National Cybersecurity Initiative (CNCI), 2015DoD Cyber Strategy, National Security Strategy (2017), 2018 DoD Cyber Strategy, and National Cyber Strategy (2019). Besides, the country has carried out various cyber offensive and defensive exercises over this period.
In the wake of the General Data Protection Regulation (GDPR) taking effect on May 25, 2018, the European Union (EU) greenlighted the EU Cybersecurity Act in March 2019, in a bid to build a general cybersecurity certification framework. In April 2019, the North Atlantic Treaty Organization (NATO) conducted the Locked Shield real-time cybersecurity exercise, with an eye to cementing the cooperation between countries in military and civilian areas.
In the future, digitalization and globalization will permeate through every corner of the world, bringing benefits for all. Compared with the report released in 2018, our 2019 Cybersecurity Insights adds the “Security Threats in the IPv6 Environment” chapter, noting that the IPv6-based Next Generation Internet (NGI) will become the cornerstone to support the rapid development of cutting-edge technologies and industries.
Where there are vulnerabilities, there are security events. This report compares the number of CVE vulnerabilities changing over a 10-year period from 2010 and lists top 10 vulnerabilities in 2019. Besides, trends of server, IoT device, and common application exploits are described respectively.
On the basis of reports released in previous years, we added a lot of new contents to expand the coverage of the 2019 report. Focusing on the security landscape and biggest trends in 2019, the report is aimed at delineating cybersecurity in an all-round manner, providing readers with insights into cybersecurity so that they can make accurate predictions and informed decisions when considering deploying related protections. Also, this report reminds readers to keep a close eye on the evolution of security risks and align their operations with security requirements in the new context.
To be continued.