What Makes Chinese Government Websites Vulnerable? Study Highlights Key Risks

Researchers from Harbin Institute of Technology examined nearly 14,000 Chinese government websites and identified numerous security weaknesses that could enable malicious attacks.

The study, posted on Research Square, highlights challenges such as missing DNS NS records for more than a quarter of sites, heavy reliance on five DNS providers, and the risk of single points of failure.

It also found that 4,250 sites use vulnerable jQuery versions susceptible to CVE‑2020‑23064, and that server redundancy is insufficient for optimal security and reliability.

Furthermore, the authors note that China Mobile, China Telecom, China Unicom and Alibaba Cloud together hold 98.29% of the ISP market, meaning an outage or attack on any of them could disrupt a large portion of the government web infrastructure.

References: https://www.researchsquare.com/article/rs-4275987/v1 and https://www.theregister.com/2024/05/03/china_gov_web_vuln/

Related reading:

Rust memory safety technical analysis

8 website design trends to watch in 2024

Biden administration: developers should avoid C/C++ for memory‑safe languages