Today, digital transformation led by emerging technologies such as cloud computing, big data, the Internet of Things, artificial intelligence, and mixed reality is setting off a magnificent industrial revolution around the world. With the rapid development and popularization of technological innovation, people's lives, corporate benefits, and economic development are increasingly dependent on information infrastructure, business applications, and digital services. At the same time, the potential threats to network security and data protection are becoming increasingly severe.
Driven by economic interests, cybercrime is becoming more diversified and globalized
Surveys show that the pursuit of economic gain has become the primary driving force behind cybercrime, with more than 50% of cybercrime currently committed for profit [https://cybersecurity.isaca.org/state-of-cybersecurity#3-part-2-june]. In 2017, spear-phishing attacks targeting specific companies caused an average of $1.6 million in economic losses to companies, while the average cost of a data breach was $3.6 million [2017 Cost of Data Breach Study: Global Overview]. It is predicted that by 2022, various forms of cybercrime will cause economic losses of up to $8 trillion worldwide [The Future of Cybercrime & Security: 2017-2022 (Juniper Research)].
Tan Ruiqiong, Executive Director of the Public and Legal Affairs Department, Microsoft (China) Co., Ltd., Senior Lawyer
The pursuit of profit drives cybercrime to constantly seek new breakthroughs, and it also makes cybersecurity threats increasingly diverse. In May 2017, the outbreak of ransomware caused economic losses of more than 8 billion US dollars in more than 150 countries around the world. With the surge in the value of digital currencies such as Bitcoin in the second half of 2017, malicious attacks that hijack hosts and cloud computing resources for "mining" showed explosive growth: the number of endpoint hosts hijacked for mining increased by 8,500% in 2017. At the same time, cybercrime has also targeted IoT devices, and the number of IoT devices "hacked" for mining in 2017 increased by 600%. In addition, malware and privacy leaks targeting smartphones are still increasing, and supply chain attacks carried out by hijacking software update programs are also growing rapidly.
Not long ago, the China National Computer Network Emergency Response Technical Coordination Center (hereinafter referred to as the National Internet Emergency Center, CNCERT/CC) released the "2017 China Internet Network Security Report", which points out that Trojans and botnets, mobile Internet malicious programs, malicious programs on networked smart devices, denial-of-service attacks (DDoS), data leaks, security vulnerabilities, and phishing and fraudulent websites are the main challenges currently facing China's network security and data protection.
Monitoring data show that in 2017, many security threats encountered by Chinese users came from overseas servers, and cybercrime showed a trend toward globalization: about 32,000 malware control servers located overseas controlled about 11.01 million hosts in China; in denial-of-service attacks, more than 85% of the forged traffic in reflection amplification attacks came from overseas; at the same time, the proportion of phishing and counterfeit website domain names and IP addresses registered overseas increased by 14.2% and 7.8% year-on-year in 2017, respectively, both showing a trend of migration overseas.
Microsoft works closely with Chinese partners to effectively respond to security threats
To deal effectively with the diversification and global spread of cybercrime, more active and extensive cooperation and timely response are needed around the world. Taking the ransomware outbreak in 2017 as an example, on the morning of May 13th, Beijing time, Microsoft received a notice from the China National Internet Emergency Center regarding the outbreak of the WannaCry virus and assistance in handling it. That afternoon, Microsoft released the "User Guide for Protection against WannaCry Malicious Attacks" and released official security update patches for the Windows XP and Windows Server 2003 operating systems, for which official support had previously ended. On June 14th, Microsoft actively responded to the recommendations of the National Internet Emergency Center and other national governments and once again released update patches for other security vulnerabilities in Windows XP and Windows Server 2003. Through close cooperation with the National Internet Emergency Center, Microsoft promptly provided security support for the old operating systems still used by Chinese government and corporate users, helping to reduce potential losses and impacts.
In dealing with security threats including malware and botnets, Microsoft has long maintained a close cooperative relationship with relevant organizations such as the China National Internet Emergency Center. Since 2010, Microsoft has cooperated with Internet service providers, Internet emergency centers and law enforcement agencies in countries around the world to carry out 15 large-scale joint operations against botnet control servers. In five of these operations, Microsoft worked closely with the National Internet Emergency Center and successfully took down a large number of botnet control servers. These included the DorkBot botnet that infected 100,000 new hosts each month, the Citadel botnet that affected 5 million users, and the Nitol botnet that controlled 70,000 subdomains. The joint takedown actions of Microsoft and the National Internet Emergency Center protected the security of a large number of computer users in China and cleaned up the Internet environment.
In fact, Microsoft and China have a long history of cooperation in the field of network security. In February 2003, China and Microsoft officially signed the "Government Security Program (GSP)", making China one of the first countries to sign the agreement with Microsoft. The mission of Microsoft's "Government Security Program (GSP)" is to follow the principles of transparency, privacy, compliance, and security, provide the necessary security information and resources to governments and international organizations participating in the program, and help them understand Microsoft technology by building full mutual trust, so that they can protect themselves and their citizens. At present, 92 institutions representing 46 countries and international organizations have joined the program.
Participants can have controlled access to the source code of Microsoft products, exchange threat and vulnerability information with Microsoft, participate in technical discussions of Microsoft products and services, and have the right to access Microsoft Technology Transparency Centers in the United States, Belgium, Singapore, Brazil and China.
Microsoft calls for joint efforts to build a cross-border, cross-industry, and cross-platform cybersecurity and digital security community
The tide of digital transformation has accelerated the development and application of innovative technologies, but it has also increased the potential risks to global cybersecurity and data protection. As a responsible technology company, Microsoft hopes to plan ahead and establish a set of globally recognized basic behavioral norms and ethical standards in the field of cybersecurity and data protection to minimize the risk of potential cyber conflicts and the resulting damage and losses to the global economy, business operations and people's lives. It is for this reason that Microsoft first proposed the "Digital Geneva Convention" at the RSA Conference held in February 2017, hoping to formulate an international agreement for the cyber world like the "Geneva Convention", with a globally recognized code of ethics to constrain the behavior of all parties in cyberspace and do its utmost to reduce the potential harm and impact on civilians.
The main contents of the "Digital Geneva Convention" proposed by Microsoft include: cyber conflicts should not target technology companies, private enterprises or critical infrastructure; government agencies should assist private enterprises in discovering, containing, responding to and recovering from security incidents; governments should disclose vulnerabilities to suppliers instead of storing, selling or exploiting them; exercise restraint in developing cyber weapons and ensure that any development is limited, precise, and not reusable; commit to preventing the proliferation of cyber weapons; and limit offensive operations to avoid large-scale security incidents.
In order to put the concept of building a global cybersecurity order into practice, Microsoft further proposed the "Cybersecurity Tech Accord" initiative at the 2018 RSA Conference. The "Cybersecurity Tech Accord" is a public commitment to protect and support people's rights to go online and to improve the security, stability and resilience of cyberspace. At present, 44 global companies have announced their participation in this agreement, including Cisco, Dell, Facebook, LinkedIn, Oracle, Salesforce, SAP, VMware, etc. In addition to Microsoft, the companies participating in this agreement jointly promise to: protect users and customers around the world; oppose any cyber attacks against users and customers; help users, customers and developers strengthen cybersecurity protection; and work with like-minded organizations to strengthen cybersecurity.
Two weeks ago, on August 9, the "Cybersecurity Tech Accord" officially recognized the "Mutually Agreed Norms for Routing Security (MANRS)". This is a specification designed to enhance the resilience and security of the global Internet routing system, and it is also the first cybersecurity code of conduct publicly supported by the "Cybersecurity Tech Accord".
Logging on to a website, using a credit card to trade online, and searching for and exchanging information all depend on a stable and secure network environment, but unexpected events may affect the routing infrastructure at any time, causing various delays. In 2017 alone, there were more than 14,000 routing outages or attacks, resulting in hijacking, data breaches, data loss due to spoofing and other security incidents. MANRS will help standardize routing practice and reduce such risks.
Microsoft Cloud Technologies Helps Chinese Customers with Cybersecurity and Digital Security
While calling for joint efforts to address cybersecurity and digital security challenges, Microsoft is also fully leveraging its own resources to respond actively to the increasingly stringent requirements of the global market for cybersecurity and data protection, helping Chinese customers participate in international market competition more safely, efficiently and in compliance with regulations. Around the world, Microsoft Azure cloud services have obtained more than 70 legal and regulatory standards certifications related to security, compliance, and privacy protection, and more than 90% of the world's "Fortune 500" companies are using Microsoft cloud services. In China, Microsoft Azure operated by 21Vianet has passed China's "Trusted Cloud" certification and Grade 3 protection assessment. In the four years since its official commercial launch, Microsoft Azure operated by 21Vianet in the Chinese market has won the trust of more than 110,000 corporate users and more than 1,400 cloud partners, and more than 1.5 million paying corporate users are using Office 365.
On May 25 this year, the EU General Data Protection Regulation (GDPR) officially came into effect, making data protection a focus of attention from all walks of life. Microsoft's global cloud services achieved full compliance before GDPR officially took effect.
In the Chinese market, Microsoft Azure and Office 365 operated by 21Vianet also provide customers with technical and contractual commitments that meet their GDPR compliance needs. Microsoft believes that privacy and data protection will become increasingly important information security criteria, both in China and in the global market. GDPR is not only about Europe. For Chinese companies that play an increasingly important role in the European and even global markets, GDPR compliance is also related to the company's future strategic decisions.
As a platform and productivity company, Microsoft's mission is to empower every person and every organization in the world to achieve extraordinary results. Facing the opportunities brought by new technological changes, as well as the challenges and security risks that come with them, Microsoft will continue to provide safe, reliable, and compliant technologies, platforms, services, and solutions to the global and Chinese markets in a responsible manner, and contribute to the global efforts to jointly build a safe network and digital ecosystem.