Ding Yu (first from left) and colleagues discuss the issue of network security maintenance. Courtesy of Yunnan Mobile
Since entering the information technology department of China Mobile Yunnan Company in 2012, Ding Yu has devoted himself to the work of network security protection, with the hard work and dedication to the work, accumulated a wealth of network security work experience, and gradually grown into a recognized network information security technology expert, and has won the "May Day Labor Medal" of Yunnan Province, the nomination award of "The Most Beautiful Yunling State-owned Enterprise" by the Party Committee of the State-owned Assets Supervision and Administration Commission of Yunnan Province, the "China Mobile Craftsman" and "China Mobile Youth Job Expert" and other honors, which are named by the Yunnan Provincial Federation of Trade Unions" Yunling Craftsman Ding Yu Innovation Studio".
In the past eight years, together with his colleagues on the network security front, he has worked diligently and conscientiously to create a network security protection barrier for China Mobile Yunnan. He always firmly believes that "responsibility is greater than ability, safety is more important than Taishan", and he must constantly hone his skills and will in his work, and strive for excellence on the road of network security.
Learn to grow into a cybersecurity expert
Today's cyberattacks are no longer about destroying systems or showing off through computer viruses, but more about stealing trade secrets, buying and selling customer information, and even threatening national security. Ding Yu is well aware that network security is not only related to national security and the normal operation of society, but the essence of network security is to better serve the country and society. The network security skills they master must be better applied to their daily work in order to truly reflect the value.
On paper, I finally realized that I had to do something about it. Out of a strong interest in network security, Ding Yu will squeeze out an hour of time to read professional books every day after work, find various learning resources on the Internet, learn the basic knowledge of network security, keep up with the development of network security, and continuously improve his professional skills and professional knowledge. In the eyes of leaders and colleagues, he is a diligent and studious "erudite", a tireless "desperate sanlang", a "technical expert" who studies hard... Driven by Ding Yu, the team's ability to judge vulnerabilities and deal with unexpected problems has been greatly improved.
In 2016, due to his expertise in information security, he successfully joined the "Caiyun Team", a virtual team for major network and information security activities in China Mobile. After joining the "Caiyun Team", he found the organization like a "ranger scattered courage", in addition to the usual one hour a day, he also discussed the exploitation of vulnerabilities and hazard protection strategies with the teammates of the "Caiyun Team" during other people's weekend breaks, improved his ability in vulnerability research, and actively participated in online network security competitions to consolidate the basic skills of information security. In November 2017, he won the third prize and individual third prize of the Communication Network Security Administrator Skills Competition of the Communications Enterprise Association of the Ministry of Industry and Information Technology, and the third prize of the Third Information Security Skills Competition of the Information Security Management and Operation Center of China Mobile Communications Group Corporation in December 2017.
Kung Fu pays off. In 2018, Ding Yu won the first place in the Yunnan Provincial Employee Vocational Skills Competition cyber security officer competition and won the title of technical champion. At the same time, Yunnan Company also won the first place in the team final of the 6th National Employee Vocational Skills Competition for Cyber Security Officers. Since then, China Mobile Yunnan Company's network security competition results have begun to emerge, and it has repeatedly obtained excellent results in various competitions at the provincial and group levels. Dante Yu and his teammates' study and study of network information security did not stop there, but continued to work hard to come out on top. In the 2019 China Skills Competition - National Telecom and Internet Industry Network Security Management Vocational Skills Competition, the representative team of China Mobile Yunnan Company won the first prize of both the operator and the operation field. These honors are not only due to his tireless study of cybersecurity work, but also in his highly responsible work attitude towards business and society.
At present, IT systems have become an important component of enterprise operations, and the data stored in IT systems is related to the property and even life safety of enterprises and customers. As a cybersecurity expert of the company, Ding Yu knows that protecting the security of customer information is a heavy responsibility on his shoulders. In order to continuously reduce the probability of security incidents, Ding Yu often gives some IT systems a "look at the disease" - to carry out security assessments and security vulnerability mining. As a member of the "Caiyun Team", he and his colleagues on the cybersecurity front work around critical system security assessments and emergency response to security incidents. In daily work, through brainstorming, we provide ideas and suggestions for the work of network security protection of enterprises. Before each important activity guarantee and skill knowledge competition, Ding Yu and his teammates will be fully prepared, carefully studied, often discussed until late at night, and improve their skills again and again in actual combat. In addition, every year they learn and discuss the development of cybersecurity offensive and defensive skills with industry experts through skills training, and deeply study the countermeasures and skills of cyber security risks. Since 2018, they have successfully completed the network security guarantee tasks of many major national and provincial activities, achieving "zero major network failures, zero major security incidents, and zero important customer complaints".
Overcome difficulties so that security vulnerabilities have nowhere to hide
With the vigorous development of the computer communication industry, the exponential growth of users' personal information, business data and information systems have become important information assets for the survival of enterprise development, which also makes criminals look forward to it. The 4A system that Ding Yu is responsible for realizes the identity security management and operation traceability of internal and external users of the enterprise, runs through the pre-management, in-process control and post-audit of the enterprise's network security risks, and builds the first barrier of enterprise network security, thereby protecting the enterprise's information assets and data from infringement and protecting the interests of customers from damage.
In 2010, the 4A system began to be built and landed, and after years of iterative optimization, 100% real-time monitoring and recording of staff operation behavior was achieved in 2017. Cybersecurity personnel can query and analyze operational behavior in less than 5 seconds. 100 security analysis scenarios can comprehensively analyze logs at different time granularities to discover high-risk operational behaviors as quickly as possible. With the development of technology, Ding Yu began to lead the planning of the evolution of the 4A system to a company-level user center and certification center. The landing of the user center can further unify the user identity information of the IT system, provide secure unified authentication, and quickly synchronize user identity and organizational data for 20 group and provincial systems. The construction of 4A and user center makes every person, every account, and every system login safely controllable, manageable, and traceable.
"The interests of customers are more important than mountains, and there is no place to hide security vulnerabilities", this is a phrase that Ding Yu often mentions when discussing projects, and it is also the criterion of his work. In order to better improve the security capabilities of the information system, Ding Yu discovered potential security vulnerabilities in the system through careful logical thinking, meticulous observation, and skillful use of various tools. He used his professional knowledge, combined with the work experience accumulated in his work, and constantly honed his professional skills, and found 8 high-risk vulnerabilities covering 17 systems for multiple systems such as companies, government and enterprise customers.
The maintenance work is sudden and requires timely response. In particular, once a fault is found, the impact of the fault should be analyzed in time and repaired quickly. One evening in 2017, the frequent crash of a computer terminal in a business hall caused Ding Yu to be alarmed, and he immediately reported to the leader and worked with colleagues on the entire security front to discuss and analyze the incident. After on-site forensic analysis and research, the cause of frequent terminal crashes was finally confirmed - computer virus infection. That night, he and his colleagues on the security front rushed to the scene of multiple business halls that may be infected, and according to the response strategy determined by the research, they checked and strengthened all the computer terminals at the scene, and finally "cut the grass and rooted out" the virus, effectively curbed the spread of the virus, and reduced the loss caused by the virus to the enterprise terminal and network security to the lowest point.
Where the customer's demands are, Ding Yu's work is there. Since 2016, Ding Yu has been doing a systematic security assessment for a mobile app application of the company, testing and analyzing the application through a variety of security technologies. In 4 years, he found 7 high-risk hidden dangers of the application, reducing the risk of malicious users stealing the company and employee information. After discovering the hidden danger points, Ding Yu always communicates with the application developer at the first time, explains the existing risks in detail and provides effective rectification plans to assist the developers in continuously improving the application software. Through continuous security assessment, the security of the mobile app software has been continuously improved, and the security capability of the company and employees' sensitive information has been enhanced.
In the outbreak of the epidemic in 2020, as a communist party member and a fighter on the cybersecurity front, Ding Yu has always fought with his colleagues on the front line. The criminals on the Internet have not stopped their activities because of the epidemic, but have instead used information related to the epidemic to carry out fraud. Cybersecurity threats are far and near, day and night, and still need to continuously strengthen security analysis and security reinforcement to ensure the stable and safe operation of the system. After returning to work in early February, Ding Yu further implemented the requirements of the special work on information security during the epidemic. First of all, through system performance optimization, the detection frequency of network security attack behavior is increased. Secondly, optimize the analysis model of system operation and operation logs, find abnormal system information operation behavior faster and more accurately, and carry out network security assessment of IT system at the first time to ensure that there are no vulnerabilities in the system that can be exploited.
Since 2012, Ding Yu has maintained a reverence for professional skills and a desire for professional knowledge in his work, insisted on learning, studied hard, and continued to practice in his work, using his unremitting craftsman spirit and excellent professional skills to confirm his original intention of learning network security and his determination to fight for the cause of network security, and in this battlefield without smoke of gunfire, he used his own perseverance and hard work to walk out of the most beautiful ordinary and firm ingenuity road.
Yunnan network reporter He Jing
!["Musical Alien" Ding Yu is actually "King of the Theme Song"?[fig]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)