English Wikipedia: Ang Cui

From the Online Reference

Ang Cui is an American cybersecurity researcher[1] and entrepreneur. He is the founder and CEO of Red Balloon Security in New York City,[2] a cybersecurity firm that develops new technologies to defend embedded systems against exploitation.[3]

Career

Cui was formerly a researcher with Columbia University's Intrusion Detection Systems Lab where he worked while pursuing his Ph.D. in computer science at Columbia University.[4][5][6] His doctoral dissertation, entitled “Embedded System Security: A Software-Based Approach,” focused on scientific inquiries concerning the exploitation and defense of embedded systems.[7] Cui received his Ph.D. in 2015, and founded Red Balloon Security to commercialize his firmware defense technology now known as Symbiote.[8][9]

Cui has publicly demonstrated security vulnerabilities in widely used commercial and consumer products, including Cisco[10][11] and Avaya VoIP phones,[12][13][14] Cisco routers[15][16] and HP LaserJet printers.[17][18][19][20] He has presented his research at industry events including the Black Hat Briefings,[21][22][23][24] the DEF CON conference,[25][26] the RSA Conference,[27] the REcon security conference[28] and the Auto-ISAC 2018 Summit.[29] His security research has earned him the 2011 Kaspersky Labs American Cup,[30] the 2012 Symantec Research Labs Graduate Fellowship[31] and the 2015 DARPA Riser distinction.[32]

In 2017, the United States Department of Homeland Security cited his company with the “Crossing the Valley of Death” distinction for the development of a commercially available cyber defense system for critical infrastructure facilities, which was produced following a 12-month DHS funded pilot study to evaluate cyber sabotage risks to the building systems of a DHS Biosafety Level 3 facility.[33][34][35]

Dukedom

In 2020, Cui received the noble title of duke from the Principality of Sealand. Cui's royal title grants him an official territory, or duchy, of one square foot within the micronation,[36] which he has named SPACE.[37] As a Duke of the Principality of Sealand, Cui joins the ranks of notable figures who have also received nobility titles from the micronation, including English cricketer Ben Stokes[38] and musician Ed Sheeran.[39]

Security Research

Symbiote

Cui is best known for his role in the development of Symbiote, a host-based firmware defense technology for embedded devices.[40]

Symbiote is injected into the firmware of a legacy embedded device where it provides intrusion detection functionality.[41][42][43][44] It does so by constantly checking the integrity of static code and data at the firmware level, in order to prevent unauthorized code or commands from executing. Symbiote is operating system agnostic and is compatible with most embedded devices.[45][46][47] Red Balloon Security has already released Symbiote for commercial printer brands like HP[48] and other devices.

On June 21, 2017, Red Balloon Security announced the launch of Symbiote for Automotive Defense, an automotive version of the standard Symbiote technology, at the Escar USA Conference in Detroit.[49]

In 2016, Popular Science named Symbiote one of the “9 Most Important Security Innovations of the Year.”[50]

HP LaserJet Printers

In 2011, Cui was part of a research effort at Columbia University, directed by Professor Salvatore Stolfo, to examine security vulnerabilities in HP LaserJet printers.[51] The project's researchers announced significant security flaws in these devices which could allow for a range of remote attacks, including triggering a fire hazard by forcing the printer's fuser to continually heat up.[18]

HP released a firmware update soon after these findings were released.[20] However, the team claimed it found 201 vulnerable HP LaserJet printers in the U.S. Department of Defense's network and two at HP's headquarters months after the security patch was released.[45] In 2015, HP licensed Cui's Symbiote technology to use as a firmware defense against cyber attacks for its LaserJet Enterprise printers and multifunction printers.[52]

Cisco IP Phones

At the 29th Chaos Communication Congress in December 2012, Cui and Stolfo presented the findings of their DARPA-funded research study, which exposed a vulnerability in Cisco IP phones (Cisco Unified IP Phone 7900 series) that could allow an attacker to turn them into bugging devices.[53] The exploit gained root access to the device's firmware, which could enable the interception of phone calls. It would also allow an attacker to remotely activate the phone's microphone in order to eavesdrop on nearby conversations.[10]

Funtenna

At the 2015 Black Hat Briefings cybersecurity conference,[22][54] Cui unveiled a firmware exploit called “Funtenna”[55] which manipulates the electronic processes within common devices like printers, phones, and washing machines in order to create radio signals which could secretly transmit data outside of a secure facility.[56][57][58] The attack could even work with devices within an air-gapped system.[59][60]

News outlets such as Ars Technica and Motherboard noted Funtenna's potential for turning infected devices into covert spying tools.[59][21]

Monitor Darkly

At the DEF CON 24 security conference in 2016,[61] Cui, along with his principal scientist Jatin Kataria and security researcher Francois Charbonneau, demonstrated[62] previously unknown vulnerabilities in the firmware of widely used computer monitors, which an attacker could exploit to both spy on the user's screen activity and to manipulate what the user sees and engages with on the screen.[63][64]

Called “Monitor Darkly,” the firmware vulnerability was reported to affect Dell, HP, Samsung and Acer computer monitors.[65]

The vulnerability was specific to the monitors’ on-screen-display (OSD) controllers, which are used to control and adjust viewing options on the screen, such as brightness, contrast or horizontal/vertical positioning.[66] However, as Cui, Kataria and Charbonneau noted in their talk abstract for the 2016 REcon security conference, with the Monitor Darkly exploit, the OSD can also be used to “read the content of the screen, change arbitrary pixel values, and execute arbitrary code supplied through numerous control channels.”[67]

The security news site CSO Online said about the vulnerability, “By exploiting a hacked monitor, they could manipulate the pixels and add a secure-lock icon by a URL. They could make a $0 PayPal account balance appear to be a $1 billion balance. They could change ‘the status-alert light on a power plant's control interface from green to red.’”[65]

The exploit was later used in a Season 3 episode of the Mr. Robot show, in which the FBI uses it to take screenshots of Elliot Alderson’s computer.[68][69]

BadFET

At the 2017 REcon security conference, Cui and security researcher Rick Housley demonstrated[70] a new method for hacking processors through the use of an electromagnetic pulse, or EMP.[71]

Known as electromagnetic fault injection (EMFI), this class of attacks has been investigated before, but Cui and Housley's new technique, known as “BadFET,” is adapted to exploit modern computers and embedded devices by impacting multiple components within these devices at the same time.[72] By using a 300-volt EMP pulse from 3 millimeters away, the BadFET attack bypasses the Secure Boot protection that keeps processors from running untrusted code.[72]

Cui and Housley also introduced an open source EMFI platform that makes BadFET available to other security researchers, for further analysis, testing and development.[71]

Thrangrycat

On May 13, 2019, Cui and his research team (composed of Jatin Kataria, Richard Housley and James Chambers)[73] jointly announced with Cisco[74] a critical vulnerability in Cisco's secure boot process[75] identified as CVE-2019-1649,[76][77] and referred to as “Thrangrycat”[78] by Red Balloon Security.

The vulnerability affects a key hardware security component developed by Cisco known as the Trust Anchor module (TAm).[79] The vulnerability is considered significant, as TAm underpins the secure boot process in numerous Cisco devices, including routers and switches.[80] As WIRED Magazine explained in its reporting on the Thrangrycat vulnerability: "Known as the Trust Anchor, this Cisco security feature has been implemented in almost all of the company’s enterprise devices since 2013. The fact that the researchers have demonstrated a way to bypass it in one device indicates that it may be possible, with device-specific modifications, to defeat the Trust Anchor on hundreds of millions of Cisco units around the world. That includes everything from enterprise routers to network switches to firewalls.”[81]

Cisco describes the TAm as a “proprietary, tamper-resistant chip”[82] that is “found in many Cisco products” and “helps verify that Cisco hardware is authentic.”[83]

The vulnerability could enable an attacker to modify the firmware of this module to gain persistent access on a network and carry out many different types of malicious activity, including data theft, importing malware and physical destruction of equipment.[84][85]

The New York Times called Thrangrycat “super alarming,”[86] with WIRED Magazine warning it has “massive global implications.”[81]

Thrangrycat is believed to be the first security vulnerability to be named with emoji symbols.[87]

References

  1. Template:Cite magazine
  2. Template:Cite web
  3. Template:Cite web
  4. Template:Cite web
  5. Template:Cite web
  6. Template:Cite web
  7. Template:Cite thesis
  8. Template:Cite web
  9. Template:Cite web
  10. Template:Cite web
  11. Template:Cite web
  12. Template:Cite web
  13. Template:Cite web
  14. Template:Cite web
  15. Template:Cite journal
  16. Template:Cite web
  17. Template:Cite magazine
  18. Template:Cite web
  19. Template:Cite web
  20. Template:Cite web
  21. Template:Cite web
  22. Template:Cite web
  23. Template:Cite web
  24. Template:Cite web
  25. Template:Cite web
  26. Template:Cite web
  27. Template:Cite web
  28. Template:Cite web
  29. Template:Cite web
  30. Template:Cite web
  31. Template:Cite web
  32. Template:Cite web
  33. Template:Cite web
  34. Template:Cite web
  35. Template:Cite web
  36. Template:Cite web
  37. Template:Cite web
  38. Template:Cite web
  39. Template:Cite news
  40. Template:Cite web
  41. Template:Cite web
  42. Template:Cite web
  43. Template:Cite web
  44. Template:Cite web
  45. Template:Cite web
  46. Template:Cite web
  47. Template:Cite web
  48. Template:Cite web
  49. Template:Cite web
  50. Template:Cite web
  51. Template:Cite web
  52. Template:Cite web
  53. Template:Cite web
  54. Template:Cite web
  55. Template:Citation
  56. Template:Cite news
  57. Template:Cite web
  58. Template:Cite web
  59. Template:Cite web
  60. Template:Cite web
  61. Template:Cite web
  62. Template:Citation
  63. Template:Cite web
  64. Template:Cite web
  65. Template:Cite web
  66. Template:Cite web
  67. Template:Cite web
  68. Template:Cite web
  69. Template:Cite web
  70. Template:Cite web
  71. Template:Cite journal
  72. Template:Cite magazine
  73. Template:Cite web
  74. Template:Cite web
  75. Template:Cite web
  76. Template:Cite web
  77. Template:Cite web
  78. Template:Cite web
  79. Template:Cite web
  80. Template:Cite web
  81. Template:Cite magazine
  82. Template:Cite web
  83. Template:Cite web
  84. Template:Cite news
  85. Template:Cite web
  86. Template:Cite news
  87. Template:Cite web