Exclusive interview with CrowdStrike: China's cyber warfare and defense capabilities from the perspective of the "Super Cannon"
Among the many talks at the Black Hat conference, there was one about China. Two CrowdStrike security researchers, Adam Kozy and Johannes Gilger, examined from an academic and technical point of view the so-called Chinese cyber weapon that was hyped a while back, the "Super Cannon" (The Great Cannon).


In their talk, they traced the source of the "Super Cannon" and analyzed its code, and also analyzed some common security defects of domestic websites. After the session, a Safety Bull reporter interviewed one of the speakers, Adam Kozy, and asked him to talk about China's network operations and defense capabilities from the perspective of a foreign security researcher. Here is an excerpt from the interview:

Safety Bull (Ann): Adam, first of all, thank you for giving Safety Bull this interview. For us as a Chinese media company, your analysis of China's network security at the Black Hat conference is unique. I'm glad to have the opportunity to talk with you.

Adam: I'm really happy, I'm a big fan of Safety Bull. We also pay close attention to China's network security media and information platforms, including platforms like Black Cloud, which is also an information platform we follow closely.

Ann: In your talk, you did some technical analysis of the "Super Cannon". From a technical point of view, what level do you think the "Super Cannon" is at?

Adam: The "Super Cannon" shows the world that such an attack is feasible. However, in our talk, we captured the JavaScript code that the "Super Cannon" uses for injection. Through research, we found that this piece of code was badly written, and when we searched on Baidu, the same code could be found on CSDN. This code looks like it was copied from the Internet by interns. We were even surprised that the "Super Cannon" is so crude from a technical point of view. Of course, we also found that this code was gradually improving, and it was much better later.

Ann: It's a great honor to get the attention of the foreign security community. In your talk, you also mentioned that Chinese websites are generally deficient in adopting HTTPS, and that this is also the key to the success of the "Super Cannon". Can you talk about the shortcomings of Chinese websites?

Adam: We studied and compared the adoption of HTTPS and HSTS by the largest websites in China. Compared with several major international websites, Chinese websites have many shortcomings in adopting HTTPS and HSTS. In addition, Baidu, China's largest search engine, does not index HTTPS sites, which objectively also affects websites' enthusiasm for adopting HTTPS and HSTS. And HTTPS and HSTS can, to a large extent, prevent cookie hijacking and other attacks. The problem is that if the biggest commercial websites in China have such security problems, then an attacker could use attack methods similar to the "Super Cannon" to attack them.

The following two pictures show a comparison of HTTPS and HSTS adoption by important websites in China and the United States (information provided by CrowdStrike).



Ann: CrowdStrike has had many research reports on China's cyber attacks. Are you doing research specifically on China?

Adam: In fact, we do not divide our threat information research by country. We study hacker attacks from various countries, and this also includes hacking activity in Western countries. However, we are an American company, so reports about countries like China, Russia and Iran get attention relatively easily.

Ann: It seems that in America, where it is easy to be "politically incorrect", blaming China is indeed one of the few "politically correct" things to do.

Adam: Ha ha, you'll see.

Ann: Well, thank you very much, Adam, for giving us this interview. I'd like to invite you to China for exchanges in the future.

Adam: Well, thank you very much. I am also willing to communicate more with my Chinese counterparts.

Safety Bull review:

As a media outlet that has long followed network security, we are very happy to be able to see China's network security level from the perspective of foreign researchers. Judging from a series of foreign studies on China's network operations and defense, our country's network combat capability and defense level are still very insufficient compared with advanced countries such as the United States.

For example, the source of network attacks is easy to trace, personal information is divulged on social media, and so on. In this regard, even Russian cybercrime groups have done better. Besides, we also feel deeply that China's international exchanges in the field of network security are insufficient. Often we serve as a "chicken" or a "springboard" and are accused of being the attacker, and we don't even have a chance to defend ourselves.

Safety Bull also hopes to play a role in promoting exchanges between people in the network security industry at home and abroad in the future.

