2011年1月网络安全监测数据分析

Network Security Monitoring Data Analysis Report of 2011 January

根据CNCERT监测结果,2011年1月,中国境内僵尸网络受控主机数量略有增长,境内木马受控主机和网页篡改数量有所下降。恶意代码活动情况方面,中国大陆地区约有46万个IP地址对应的主机被木马程序控制,较2010年12月下降51%[1];中国大陆地区约有14万个IP地址对应的主机被僵尸程序控制,较上月增长1%;网站安全方面,中国大陆地区被篡改网站数量为5596个,较上月下降5%,其中被篡改政府网站数量为337个,较上月的544个下降38%,占大陆被篡改网站比例由9.23%减少到6.02%

According to CNCERT, the number of IP address including dynamic IP of computers embedded with Bot code has increased to some extent during January 2011 in Chinese mainland discovered via sample monitoring, however, the number of IP address embedded with Trojan and the number of defaced website have decreased. The main indicators of the nationwide internet security situation show as below： In terms of malicious codes; we discovered about 460,000 IPs in Chinese mainland been controlled by Trojan, decreased by 51 %,compared with last month; and about 140,000 IPs in Chinese mainland been controlled by Botnet , increased by 1%; In terms of website security, the number of defaced websites has decreased by 5 % with the number 5,596,compared with last month. Among the 5,596 defaced websites, about 337 websites ended with gov.cn, decreased by 38%（note： the number of last month is 554）,that is to say above 6.02% of the China government websites have been defaced with the ratio of last month 9.23%.