USEUROPEAFRICAASIA 中文雙語Fran?ais
    Business
    Home / Business / Technology

    Bounty platforms use 'white hat' hackers to prevent China's cyber attacks

    By Zhu Lingqing in Shenzhen, Guangdong province | chinadaily.com.cn | Updated: 2017-03-31 14:28

    Bounty platforms use 'white hat' hackers to prevent China's cyber attacks

    A "white hat" hacker explains cyber security technology at the China White Hat Conference in Shenzhen, Guangdong province, on March 30, 2017. [Photo provided to chinadaily.com.cn]

    More than 800 Chinese "white hat" hackers gathered in Shenzhen, South China's Guangdong province, on Thursday, to attend the China White Hat Conference held by 360 Business Security Group's Butian Vulnerability Response Platform (Butian).

    Unlike movie-fueled myths, most of them looked like ordinary young people in their early 20s rather than cynical, mysterious computer "nerds".

    Not yet acquiring much attention from the public, "white hat" hackers are a group of computer wizes who use hacking skills to identify the security loopholes in corporation or government computer systems to help them prevent cyber attacks.

    Bounty platforms use 'white hat' hackers to prevent China's cyber attacks

    Qi Xiangdong, chairman of 360 Business Security Group, speaks to media in Shenzhen, Guangdong province, on March 30, 2017. [Photo provided to chinadaily.com.cn]

    Qi Xiangdong, chairman of 360 Business Security Group, one of China's leading online security service providers, said at the conference that a total of 31,633 "white hats" have registered on Butian since 2013, discovering more than 200,000 vulnerabilities.

    Butian, established in March 2013, is China's first bounty vulnerability response platform.

    Aiming to act as a bridge connecting corporations with "white hats", it has developed a unique Security Response Center model, which refers to using cash awards offered by corporations to encourage "white hats" to identify loopholes for them.

    The 2016 China Internet Security Report released by the 360 Cyber Security Center said that Butian found more than 37,000 loopholes last year on over 30,000 websites.

    According to the report, 93.9 percent of the loopholes were process cases that could have been effectively used or invaded.

    "In terms of technical skills, there is no essential difference between 'white hats' and malicious hackers, which means without a good communication channel between corporations and 'white hats', corporations may find it tricky to tell whether the attacks suffered by their computer systems are of ethical will or malicious intentions," Qi told China Daily's website.

    Qi said for corporations, the platform is able to guarantee the reputation of certified "white hats", while "white hats" are offered a consistent platform to make money.

    "More than 4,000 corporations have registered on the platform, issuing cash awards of nine million yuan ($1.3 million) to 'white hats' in total," he added.

    A 24-year-old "white hat" nicked named "U Shen" said he has earned 110,000 yuan for discovering loopholes since he joined the platform in 2013.

    Ling Yun, information security director of China's biggest online travel agency Ctrip.com, said to cover the shortage of full-time cyber security personnel, the company also hired third-party platforms such as Butian to discover its vulnerabilities.

    "We set the usual price of a loophole at 3,000 yuan. Sometimes it can reach 8,000 yuan. Last year, we approximately spent one million yuan on rewarding 'white hats' from all platforms," Ling said.

    Cyber attacks along with data fraud or theft are ranked as one of the top 10 risks people are likely to face in 2017, according to the Global Risks Report 2017 released by the World Economic Forum.

    Bounty platforms use 'white hat' hackers to prevent China's cyber attacks

    HackerOne COO Wang Ning (left) and Bai Jian, director of Butian Vulnerability Response Platform, speak to media in Shenzhen, Guangdong province, on March 30, 2017. [Photo provided to chinadaily.com.cn]

    In the US, HackerOne is the largest vulnerability coordination and bug bounty platform. The startup, established in 2012, is also one of the world's first cyber security firms to utilize crowd-sourced security and hackers.

    HackerOne COO Wang Ning told China Daily's website that the platform's network now consists of around 110,000 "white hats" from more than 140 countries, of which around 1,000 are from China.

    She said the company is serving more than 800 clients and around 180,000 loopholes have been discovered.

    "Our business model is like a marketplace connecting businesses with 'white hats'. Every time corporations pay 'white hats' bounties, they also pay us fees for the platform's service. 'White hats' at our platform have earned more than $15 million in bounties," Wang said.

    Unlike HackerOne, Butian remains as a public-interest platform, according to Bai Jian, director of the platform.

    "Chinese enterprises' maturity on cyber security issues and the related laws and regulations are still weak. At present, if the platform itself makes money, it may lose the trust of some corporations of low maturity. Only by putting the commercial interest aside, we can go further," Bai said.

    In 2014, Qi Xiangdong said, compared with the US, the awareness of the importance of internet security at a corporate level was underdeveloped in China.

    "Now their awareness has improved significantly, especially after President Xi Jinping spoke on establishing China's national big data center last year," Qi said.

    "However, there is still a large gap between China and US or other European countries. While the input of cyber security accounts for around 15 percent of the total IT investments in US, it is only one to three percent in China," Qi said.

    He believes it will take five to 10 years for China to catch up with developed countries. "The potential of China's cyber security industry is huge. I expect its scale will increase from 20 billion yuan to 450 billion to 500 billion yuan in the future," Qi said.

    He emphasized talents like "white hats" will play crucial roles in the development of the industry.

    Most Viewed in 24 Hours
    Copyright 1995 - . All rights reserved. The content (including but not limited to text, photo, multimedia information, etc) published in this site belongs to China Daily Information Co (CDIC). Without written authorization from CDIC, such content shall not be republished or used in any form. Note: Browsers with 1024*768 or higher resolution are suggested for this site.
    License for publishing multimedia online 0108263

    Registration Number: 130349
    FOLLOW US
    中文字幕在线观看亚洲视频| 日韩AV高清无码| 中文字幕精品久久久久人妻| 日韩爆乳一区二区无码| 免费在线中文日本| 精品久久久久久无码中文字幕| 亚洲AV无码一区东京热久久| 亚洲中文字幕在线第六区| 人妻丝袜中文无码av影音先锋专区| 亚洲精品欧美二区三区中文字幕| 亚洲国产精品无码久久九九| 无码GOGO大胆啪啪艺术| 中文无码伦av中文字幕| 亚洲视频中文字幕| 国产精品 中文字幕 亚洲 欧美| 无码AV片在线观看免费| 中文字幕无码乱人伦| 久草中文在线观看| 色综合久久无码中文字幕| 中文字幕在线播放| 免费人妻无码不卡中文字幕系 | 亚洲AV永久无码精品一区二区| 熟妇无码乱子成人精品| 亚洲国产精品无码久久久蜜芽| 天堂中文8资源在线8| 亚洲日本中文字幕| 亚洲激情中文字幕| 少妇中文字幕乱码亚洲影视| 亚洲中文字幕无码中文字在线 | 人妻无码人妻有码中文字幕| 国产高清无码二区 | 亚洲国产精品成人AV无码久久综合影院| 青青草无码免费一二三区| 免费A级毛片av无码| 无码中文人妻在线一区二区三区| 亚洲一区二区三区无码中文字幕| 日本无码色情三级播放| 国产AV无码专区亚洲AV漫画| 狠狠精品久久久无码中文字幕| 熟妇人妻系列av无码一区二区| 中文字幕无码一区二区三区本日 |