CodeRedⅡand Nimda: erupted in Aug. and Sep. 2001 and quickly spread all over the world. CNCERT/CC collected a large number of data, and drove to form an emergency response alliance with many professional organizations including all ISPs involved in to tackle the new security challenge jointly in order to ensure that the network would not be broken down in large scale. The experience of handling these incidents promoted the construction progress of our National Computer Network Emergency Response System directly. SQL Slammer: erupted in Jan. 2003 and made a highly severe impact on the global network resulting in the network broken down in large scale. The National Computer Network Emergency Response System with the core of CNCERT/CC worked together to complete timely detection, exact identification and fast recovery with the event. This incident was made to be under control effectively within a single day in China. Deloder: erupted in Mar. 2003 and blocked quite a few network area in China badly. It's more difficult to defend against this worm as it exploits the vulnerability of weak password instead of technical flaw to launch attack. Through the National Computer Network Emergency Response System, CNCERT/CC discovered and analyzed the worm in time, and contained it spreading effectively and efficiently together with its partners. The whole network was kept away from severe impact eventually. Blaster/Blaster Remove: erupted in Aug. 2003 with an enormous infection. The network speed slowed down in some regions and a lot of PC users are infected. CNCERT/CC always kept in touch with foreign CERTs and domestic CERTs during the handling process, and corresponded each other, and opened a special news area at the website for the first time and provided users with technical support services. DOS: CNCERT/CC tackled many DOS attack cases involving governmental portals, large ISPs and important websites in 2003. During the handling processes, CNCERT/CC got to track and locate attack sources with the close cooperation with ISPs nationwide. Web Defacement: CNCERT/CC discovered many cases about web defacement in 2003, and contacted local related agencies to inform users and helped to solve the problem in time. Web Fraud: CNCERT/CC received many reports on web fraud event, e. hackers intruded in victim's machines and made fraud to users of banks or commercial sites. CNCERT/CC quickly solved all these problems with the cooperation from related CERTs. Others: CNCERT/CC received more than 13,000 reports on general security events in 2003 and handled them according to international rules. In 2003, CNCERT/CC detected around one million times of attack attempts targeted to Chinese networked computers on Internet via 863-917 network security monitoring platform.