Among the many speeches at the black hat Conference , There is a talk about China . Two from CrowdStrike Security researchers Adam Kozy and Johannes Gilger From the academic and technical point of view, this paper studies the so-called China's cyber weapons that have been hyped in the previous paragraph “ Super cannon ”（The Great Cannon）.
In his speech, , They did source tracking and code analysis on the super cannon , And analyzes some common security defects of domestic websites . After the meeting , Safety bull reporter interviewed one of the speakers Adam Kozy, Let him talk about China's network operations and defense capabilities from the perspective of a foreign security researcher . Here's an excerpt from the interview ：
Safe cattle （ Ann ）：Adam, First of all, thank you for your interview with safe cow , As a Chinese media company , Your analysis of China's network security at the black hat conference is unique to us . I'm glad to have the opportunity to communicate with you .
Adam： I'm really happy , I'm a big fan of safety bull (a big fan). We are also very concerned about China's network security media and information platform , Including platforms like black cloud , It's also an information platform that we're very concerned about .
Ann ： In your speech , You are right. “ Super cannon ” Did some technical analysis , From a technical point of view , What do you think “ Super cannon “ What's your level ？
Ann ： It's a great honor to get the attention of foreign security community . In your speech , You also mentioned that Chinese websites are adopting HTTPS There is a general deficiency in this respect , This is also “ Super cannon “ The key to success , Can you talk about the shortcomings of Chinese websites ？
Adam： We studied and compared the adoption of... By the largest websites in China HTTPS and HSTS The situation of , Compared with several major international websites , Chinese websites are adopting HTTPS and HSTS There are many shortcomings in this respect . in addition , Like China's largest search engine Baidu does not include HTTPS The site of , This also affects the adoption of the website objectively HTTPS and HSTS Enthusiasm . and HTTPS and HSTS To a large extent, it can prevent Cookie Hijacking and other attacks . The problem is , The biggest commercial website in China has such security problems , Then the attacker could take advantage of “ Super cannon ” A similar attack means to attack .
The following two pictures show Important websites in China and the United States adopt HTTPS and HSTS Comparison of the situation （CrowdStrike Provide information ）
Ann ：CrowdStrike There have been many research reports on China's cyber attacks , Are you doing research specifically for China ？
Adam： In fact, we are not divided into countries in threat information research , We study hacker attacks in various countries . This also includes hacking activities in western countries . however , We are an American company , So about China 、 Russia 、 Reports from countries like Iran are relatively easy to get attention .
Ann ： It seems that it's easy in America “ Politically incorrect “ In our country , Blaming China is indeed one of the few “ Politically correct ” What happened .
Adam： ha-ha , You'll see .
Ann ： well , Thank you very much Adam Give us an interview , I'd like to invite you to China for exchange in the future .
Adam： well , Thank you very much , I am also willing to communicate more with my Chinese counterparts .
Safety bull review ：
As a long-term concern for network security media , We are very happy to be able to see China's network security level from the perspective of foreign researchers . From a series of Foreign Studies on China's network operations and defense . Compared with advanced countries such as the United States, our country's network combat capability and defense level are still very insufficient .
For example, it's easy to trace the source of network attacks , Divulging personal information on social media and so on . In this regard, even Russian cybercrime groups have done better . Besides , We also feel deeply that , China's international exchanges in the field of network security are insufficient , A lot of times we do “ chicken ” perhaps “ The springboard ” And be accused of being an attacker , And we don't even have a chance to defend .
Security bull also hopes to play a role in promoting the exchange of people in the network security industry at home and abroad in the future .