Hot spots of the week | the Ministry of Foreign Affairs responded to the US quantum attack; EU issued the Digital Market Act; statistics on China's software business from January to February

In response to the previously reported NSA quantum attacks continue to launch large-scale cyber operations around the world, especially cyber attacks against China, Foreign Ministry spokesman Wang Wenbin at a regular press conference on March 24, once again urged the United States to be a responsible country in cyberspace and stop cyber theft and attacks against China and the world. The US side should first abide by the rules that other countries are required to abide by. Click to read the details: [the Ministry of Foreign Affairs responds to the US quantum attack: the so-called "clean network" is just "ecstasy"]

According to reports, the European Parliament, the European Council and the European Commission reached an agreement on the Digital Market Act on the evening of the 24th. The bill sets rules for portal companies that control access to data and platforms. it will cover online intermediary services, social networks, search engines, operating systems, online advertising services, cloud computing, video sharing services, web browsers and virtual assistant portal enterprises. It will put an end to the abuse of market dominance by digital giants, the report said. The main points are as follows: the goal is to remain competitive; target GAFAM (Google, Apple, Facebook, Amazon and Microsoft); regulate mergers and acquisitions; and use data.

On March 18, the State Administration of Market Supervision and Administration and the State Standardization Administration issued the No. 2 announcement of the National Standards of the people's Republic of China in 2022. Approval of the national standard "Information and industrialization Integration Management system New capability grading requirements" (GB/T 23006-2022), "Information and industrialization Integration Management system Evaluation grading Guide" (GB/T 23007-2022) and "Information and industrialization Integration Management system production equipment Management capability maturity Evaluation" (GB/T 23021-2022) officially issued. Click to read the details: [three national standards for the integration of the two modernizations have been officially released and implemented]

The Central Network Information Office and other 12 departments jointly issued the pilot list of IPv6 technological innovation and integration applications. The circular points out that 22 comprehensive pilot cities and 96 pilot projects have been identified through the procedures of recommendation, expert review and review, and online publicity organized by local and relevant departments. Click to read details: [the Central Internet Information Office and other 12 departments jointly issued the pilot list of IPv6 technological innovation and integration applications]

Statistics from the Ministry of Industry and Information Technology show that from January to February, the revenue of China's software business was 1.1792 trillion yuan, an increase of 11.6 percent over the same period last year, and the growth rate was 6.1 points lower than that of the whole of 2021. Profits in the software industry totaled 133.2 billion yuan, down 7.6 percent from the same period last year. Software business exports totaled US $7.75 billion, an increase of 7.1% over the same period last year. Of this total, revenue from software products was 271.4 billion yuan, up 9.0 percent from the same period last year; revenue from information technology services was 770.3 billion yuan, up 13.1 percent from the same period last year; revenue from information security products and services was 25.7 billion yuan, up 11.4 percent from the same period last year; and revenue from embedded system software was 111.8 billion yuan, up 7.8 percent from the same period last year. Click to read details: [Ministry of Industry and Information Technology: China's software business income of 1.1792 trillion yuan from January to February increased by 11.6% over the same period last year, and information security products and services revenue of 25.7 billion yuan]

On March 22nd, the National Information Security vulnerability Library (CNNVD) released information about Redis code injection vulnerabilities (CNNVD-202202-1622, CVE-2022-0543). An attacker who successfully exploits this vulnerability can remotely execute malicious code on the target server, thereby taking control of the target server. Versions below 5.0.14 of Redis 5.x series, 6.0.16 of Redis 6.x series, and below 7.0-rc2 of Redis 7.x series are affected by the vulnerability. At present, a new version of Redis has been released to fix the vulnerability. Please confirm whether it is affected by the vulnerability and take remedial measures as soon as possible.

Collation of the magazine Network Security and Informatization

Recommended reading: