Ladies and gentlemen,
Good morning!
I am pleased to have the opportunity to take part in the second UK-China Internet Roundtable. With the popularity of its application, the Internet plays increasingly important role in political, economic, cultural and social life. Meanwhile, the threat to a safer Internet keeps evolving along with the development of the Internet and its application, and appears to be much complicated. Internet security has become a common issue faced by all nations. I would like to take this opportunity to brief you the situation China faces in terms of Internet security, and share with you my thoughts.
1. The situation of the Internet security in China and the challenges China faces
With years of fast growth, the Internet has penetrated aspects of economic, social and daily life in China. The Internet has grown to be the key infrastructure of China. By the end of June 2009, the number of Chinese netizens reached 338 million, with the Internet penetration rate at 25.5%. Among which, 320 million Internet users accessed the Net via broadband. The total bandwidth of the Internet access into and out of China was 748G, the number of websites was 3.06 million, and that of domain names was 16.26 million. Over the recent years, with the joint efforts of the whole society, the operation of the Internet in China has been sound and smooth. But we must recognize that the threats, both internal and external, to the Internet security keep upgrading. As driven by various interests, security incidents that are caused intentionally have remarkably increased, virus, spam, forgery, web defacement, Trojan hosts, attack of service refusal, and hijack of domain names happen from time to time. In particular, Trojan horse and Botnet grow rampant and cause great harm. Even worse, illegal underground chains of industry with distinct division of labor have been formulated. Statistics show that in 2008 the scale of service market of the Internet security exceeded 8 billion yuan, which indicates from one aspect the great input gathered to confront the underground industry threatening the Internet security. The harm of the Internet security incidents has affected not only general users and corporate interests, but the operation of the Internet infrastructure.
2. Work of the Ministry of Industry and Information Technology related to the Internet security
As the governmental department in charge of the Internet industry, the Ministry of Industry and Information Technology shoulders the responsibilities of supervising and maintaining the security of public Internet. Much has been done over the years in this regard
(1) Safe Internet legislation and stipulation of standards. At the level of state legislation, the stipulation of Telecommunication Act of the People's Republic of China and Regulations of Information Security has been vigorously promoted, contents of Internet security have been included. At the level of departmental legislation, in 2006 the Ministry promulgated Internet E-mail Service Regulations, with the aim of preventing spam. Besides, regulations of communication network security are being stipulated which will require the Internet enterprises to adopt network security protection, conduct security and risk appraisals on a regular basis. Standards with regard to the Internet security are being set forth.
(2) Building of prevention and protection system of the Internet security. In line with the principal of “putting prevention first”, the prevention and protection system of the Internet security is being built. On the basis of understanding the status quo of networks and systems of Internet enterprises in the country, focused inspections on Internet security have been conducted, weak links have been exposed in a timely manner, and rectification has been monitored. Risks of being maliciously attacked or used have been reduced, and interest of users protected. Security protection of the system of domain names has been intensified to avoid hijack of domain names or forgery.
(3) Strengthening the governance of the public environment of the Internet. Over the years, the Ministry has made much progress in giving play the role of enterprises, supportive entities, as well as industry associations and in combating spam, Trojan horse and Botnet. In 2006, the Ministry supported the Internet Society of China to establish its Internet Spam Reporting and Handling Center. In 2008, on the basis of that Center, 12321 Reporting Center of Harmful Information and Spamon the Internet was established, the public can report to the Center via hotline, e-mail or text message. Remarkable achievement has been scored. Reports by international network security institutes such as Symantec, Sophos show that, the number of spam in China has dropped considerably in recent years. In 2009, Monitoring and Handling Methods of Trojan horse and Botnet has been issued, telecommunication enterprises, ISPs, China National Computer Network Emergency Response Technical Team (CNCERT) make concerted efforts in controlling Trojan horse and Botnet. In July 2009, the Ministry supports the Internet Society of China to set up the League of Anti-virus. Telecommunication enterprises, portal websites, search engines, ISP, IDC, as well as network security enterprises work together to sign the Self-regulatory Pledge of Anti-virus aiming at resisting and combating network virus.
(4) Improving the emergency response mechanism of network security. Incidents of network security are handled in a timely and effective manner, the loss and harm inflicted by these incidents are minimized, enterprises are guided and coordinated to intensify monitoring of incidents, sharing information and handling jointly the incidents. Enterprises are asked to set forth precautionary response system for network emergencies. When network incident happens, the enterprises must respond promptly on the one hand to ensure the immediate resumption of operation, and on the other, report in a timely manner in order to share information. The Ministry also holds regular meetings for the industry on network security as a platform to notify trends of network security in order to better prevent from any incidents. In addition, the Ministry organizes emergency response drills to improve the ability of responding emergencies of the industry.
(5) Guaranteeing network security during major events in the country. In 2008, the Olympic Games and Paralympics were successfully held in Beijing. Before the Games, the prevention and protection of network security of enterprises were inspected, hidden perils were removed, and the level of protection and prevention were improved. At the same time, CNCERT provided network security monitoring and handling support for the core system of the Games and the information systems related to the Games to prevent from possible security incidents. To minimize Trojan horse and Botnet in China, CNCERT controlled them in focused actions. With the joint efforts of parties concerned, the Internet in China during the Games run sound and smooth and no major incidents occur, which contributed to “a people's Olympics, a safe Olympics, a scientific Olympics, and a green Olympics”.