China Cybersecurity Week and International Anti Virus Conference

October 9, 2019 By aavar Comments are Off

The sixth China Cybersecurity Week was launched on Monday 16 September in Tianjin. It is an annual week-long campaign that promotes national awareness on cybersecurity. After the opening ceremony, the first event was the third International Anti Virus Conference, featuring Chinese and International malware experts, including AVAR Chairman, Allan Dyer.

Opening Ceremony of China Cybersecurity Week

Mr. Huang Kinming, Minister of Publicity Department of the CPC Central Committee Concepts/Awareness of Cybersecurity

Mr. Huang conveyed a message from Xi Jinping that China must rely on the people to secure the people, emphasising the importance of education, integration with industry and balancing development with government. Laws, regulations, standards and norms should guide new technology and international cooperation should be strengthened with the ultimate objective of increasing the happiness of people.

Mr. Huang explained the theme for the week: “Cybersecurity for the People, By the People”, and outlined how media, education and the law play their part in cybersecurity. He noted the importance of protecting the rights and interests of the people in personal data and emphasised that personal data is a strategic resource of the country. He advocated strict plans and punishment of irregularities, clarifying the legal framework, attacking crimes and a crackdown on data collection.

Mr. Li Hongzhong, Secretary of Tianjin Municipal Committee of the CPC

Mr. Li pointed out that China was now no. 1 in eCommerce and ePayment. He cited Xi Jinping thought about Socialism with Chinese Characteristics and explained how it delivered a strategic vision to China Cybersecuiry Week. He reiterated the theme of the week: “Cybersecurity for the People, By the People”. As a Tianjin leader, he reported on the Tianjin cybersecurity firms and how Tianjin is leading manufacturing and AI development.

Mr. Fay Yifei, Deputy Governor of the People’s Bank of China

Mr. Fay said that the People’s Bank of China were leading protection of critical infrastructure and development of emergency response capabilities. Among the developments, the Real Name ID policy has allowed them to identify RMB 22 billion in large suspicious transactions, and freeze those funds. As part of China Cybersecurity Week, the People’s Bank of China has run 14,000 cybersecurity education campaigns in both rural and urban areas. They are using monetary technology, AI and Big Data to secure the financial industry with reporting systems, fast response, laws, regulations and standards. He reiterated the week’s theme: “Cybersecurity for the People, By the People.”

Ms. Weng Tiehui, Vice Minister of Education

Ms. Weng talked about Xi Jinping’s strategy for a strong country and how her ministry was cleaning up the university internet environment, saying, “Who wins the Internet, wins the next generation”. Explaining the risks of bad information, she described the use of an information management system to respond.

Ms. Weng then announced the winners of a national competition for lecturers, and presentations were made.

International Anti Virus Conference

Mr. Dong Jialu, Chairman of the conference, Deputy Mayor of Tianjin Municipality, Director of Public Security Bureau of Tianjin Municipality

Mr. Dong gave a welcoming speech.

Mr. Lin Rui, Member of CPC Committeee, Deputy Minister of MPS

Mr. Lin gave an address of Leaders

Ms. Wang Yun, Vice Director of Propaganda Department of CPC Committee of Tianjin, Director of Office of the Tianjin Cyberspace Affairs Committee

Ms. Wang warned that the internet is a double-edged sword, where there are frequent incidents, particularly on mobile devices. She said that Xi Jinping had likened the internet to a home for all, which we should make more beautiful. She gave three recommendations: Enhance the ecosystem govenance with laws and technology; Public / Private Co-operation; and Peace, Sovereignty and Co-Governance for a shared benefit.

Mr. Zhiang Jiancheng, Director of National Computer Virus Emergency Response Centre, Director of Network Security Protection Division, Public Security Bureau of Tianjin Municipality

Mr. Zhiang presented awards for the Mobile App Analysis Competition.

Mr. Shen Changziang, Honorary Chairman, Academician of China Academy of Engineering

Mr. Shen likened active immunity to the human immune system and explained his team’s developments from smart security cards in 1992 to an innovative architecture to combat vulnerabilities like Meltdown and Spectre that use program behaviour, such as excessive page faults, to trigger a security response, thus achieving a dynamic hardware anti-virus process.

Mr. Zhong Zhong, Counsel, Deputy Director, Network security protection Bureau of MPS

Mr. Zhong reported on the problems encountered by his bureau, which are predominately related to mobile access. In a survey of users, there was significantly less satisfaction with online security than with offline security. Many games are collecting excessive data, beyond their authorisation, which is then sold. Although there are legal remedies, particularly in Articles 41 and 42 of the cybersecurity law, he advocated publicising the issues and dealing with them socially instead of legally. There should be more security management at App stores.

Mr. Craig Jones, Cybercrime Director, Executive Directorate for Police Services, Interpol

Mr. Jones explained the work of the cybercrime section of Interpol in supporting the police forces of 194 member countries. The purpose is still detecting and preventing crime, but in an online environment. In some countries, up to 50% of cases are online and there is the chalenge of the transnational nature of the internet. Evidential examination of computer is a key component. Interpol is changing its strategy with the aim of developing a coordinated response to “the next WannaCry”. Attribution is a much needed capability, and users have to take responsibility for their own data.

Mr. Chen Jiamin, Executive Director of National Computer Virus Emergency Response Centre, Deputy Director of Network Security Protection Division, Public Security Bureau of Tianjin Municipality

Mr. Chen said that CVERC was established in 2001, and their current focus was monitoring of mobile Apps, with a weekly analysis on privacy. CVERC is cooperating with the Police and the commercial sector to identify illicit apps and remove them from the stores. Real Name identification of apps is an important tool, as is having a join action mechanism, loss regulation, SDK certification and safe services. Testing apps and SDK is a future priority.

Mr. Allan Dyer, Chairman of AVAR

Mr. Dyer introduced the Association of Anti-Virus Asia Researchers and the global malware fight. He gave an outline of recent privacy breech cases in Hong Kong that involved Cathay Pacific and the Hospital Authority, discussed the dangers of facial recognition, the worldwide effects of the GDPR and how Brexit would complicate that.

He invited participants to the AVAR conference in Osaka, Japan.

Mr. Zhang Cong, Vice President of Qu An Xin Group

Mr. Zhang talked about the concepts of indigenous security and self-operation.

Mr. Eugene Kaspersky, CEO Kaspersky Labs

Mr. Kaspersky traced the development from cybersecurity to cyberimmunity, defining cyberimmunity as when the cost of attack is greater than the cost of damage. He presented the Kaspersky OS, a secure-by-design operating system for embedded systems where a security layer isolates all modules allowing detailed permissions to be granted to apps.

Mr. Sun Shuo, Principal Data Privacy Architect of Baidu

Mr. Shun described how Baidu implemented personal data privacy across the company.

Mr. Jonathan Oliver, Global Chief Expert of Data, Trend Micro

Mr. Oliver described the cooperation between teams in Australia and Nanjing in an investigation of the “Agent Smith” Android malware.

Mr. Tony Wu, Chief Development Officer, Asiainfo

Mr. Wu explained file-free attacks, code injection and Living off the Land (LOL).

Mr. Phil Armstrong, Privacy Protection Regulation Expert, Microsoft

Mr. Armstrong discussed privacy legislation around the world, and how public dissatisfaction with privacy protections is resulting in “techlash”, pushback against technology and commercial interests. New laws can have unintended consequences. Microsoft is extending the protection of GDPR across the world: they will respond to privacy requests and complaints in accordance with the GDPR regardless of where the complaint is from.

A cybersecurity expo is being held at the same venue for the whole week, and other events are taking place around China, such as the Cyber Security Week 2019 in Hong Kong, hosted by OGCIO.