Hacking Book | Free Online Hacking Learning


zhang changhe: from national team backbone to network security protection

Posted by chiappelli at 2020-03-21

At the just concluded Internet Conference in Wuzhen, Weida security was described as a "black horse" killed by the Internet security industry.

Founded only two years ago, Weida security has rapidly gained its reputation: the "intelligent dynamic defense" technology described by CCTV as "the black technology that makes hackers tremble", the "magic" word series product that comprehensively covers network security, and the ingenious "million reward for global hacker attacks on Weida headquarters" A series of actions let Weida attract people's attention, and also let Zhang Changhe, the founder of Weida, enter the public vision.

I'm afraid that few people have heard of this name, although he has been at the forefront of the security field for many years - when he was the "guardian of national security";

Now, as an entrepreneur, he wants to break into a new world.

Before the establishment of Weida security, Zhang Changhe had been studying at the PLA Information Engineering University for 18 years.

The outside world knows little about him, only academic papers and some sporadic news can be seen. But in fact, this is the starting point of his bond with security.

After graduating from high school, he was admitted to the PLA Information Engineering University. In the year of graduation, as an undergraduate, he was specially approved by the university to stay in school and teach network security courses.

In the history of PLA Information Engineering University, the number of teachers who stay in the university after graduation is very small. What he is looked upon by the university is not only his talent superior to ordinary people, but also his hard work.

Sometimes, Zhang Changhe would tell his colleagues about his experience in the period of studying and teaching: he had spent two years reading all the books and materials related to computers in the school library, and the book was trying to be thorough and thorough;

He often lived in the laboratory all month during the school period. It was common for him to stay up all night in order to do the project;

Follow the tutor to undertake network security related tasks of important units. His talent enables him to often find problems that other technicians cannot find and solve problems that others cannot solve.

With deep accumulation and mature experience in technology, Zhang Changhe has become the technical backbone of the college. The college will hand over the most important and key national scientific research projects arranged by the superior to him.

Now, his projects have played a key supporting role in various important fields, and he himself has won many honors for his outstanding work, including the second prize of national science and technology progress, the first prize of science and technology progress of the whole army, and the third prize of military individual.

However, when talking about these scientific research tasks, Zhang Changhe is very insipid:

"Because of the nature of the school itself, it mainly undertakes some major national network security related projects. The intensity of the project is very high, and it is also very urgent. Each one is related to the future of network security. "

Zhang Changhe, who has been teaching in Colleges and universities for many years, has heard a lot about the security situation of the industry and often heard people around him worry about the current situation of domestic network security.

"At present, the industry is not able to meet the needs of the whole society for network security. The negative impact of network threats on social and economic development is sometimes more obvious. The traditional network security industry will feel stretched out in the face of threats."

It is this situation that makes Zhang Changhe decide to devote himself to the industry: "after many years of theoretical research, it is time to put it into practice. We must change this pattern and open up a new situation for the network security of our country. "

Founded two years ago, Weida security has launched a number of products, each of which is named after the word "magic", covering all aspects of network security.

"Magic words have the feeling of illusion. We can resist attacks and ensure network security by creating a constantly changing environment." Zhang Changhe told us.

The so-called "illusion of emptiness" is the "intelligent dynamic defense" technology initiated by Weida.

With years of advanced security research foundation, at the beginning of joining the industry, Zhang Changhe accurately grasped the crux of the current security: "the current security products, no matter how they change, are essentially based on feature recognition. The biggest defect is that they can never obtain the feature code of unknown threats, and they are difficult to deal with unknown threats, but this is the most dangerous."

Zhang Changhe hopes to achieve the goal of "advance defense".

Rich experience tells him that hacker attacks are regular and there must be necessary nodes, and the key to layout is here.

"Turn the network architecture into a dynamic maze full of traps. None of the nodes that attackers must pass is completely true. Once the attacker triggers the trap, he will be caught. "

He also uses mountaineering as a metaphor for this technique. Suppose the hacker is a climber, the mountain is the target of attack, and the hacker is the target when he climbs the mountain.

The general method of safety technology is to protect the mountain heavily and set up various roadblocks for the climbers. There is no time dimension limit for the climbers. Once the climbers "persevere" and "cut through the thorns", they can always reach the top of the mountain and win the goal.

The "intelligent dynamic defense" technology creates a "time barrier" for mountaineering, which can break the accumulated ability of climbers. In the preset short time, if the climbers do not reach the top of the mountain, the mountain will disappear, and the climbers need to find the mountain again.

Sometimes the climber thinks he has found the target, but in fact he has climbed the wrong mountain. This is the difference of "intelligent dynamic defense" technology.

On the 11th of this year, Weida launched the activity of "one million reward for global hacker attacks on Weida headquarters":

There is no layer defense system. The target machine environment is Windows 2003 without any patches, anti-virus software and firewall. Even the built-in password is a weak password with a length of no more than 6 digits and no special characters. The only defense method is "the dynamic defense system of the mirage Intranet"

Zhang Changhe has his own ideas about this adventurous behavior.

"To let customers recognize our products, we need to conduct real confrontation and prove our strength with victory."

He told us, "by calculation, the chance of being broken is one in a billion. And if someone really finds a loophole in mirage, it's worth a million dollars to upgrade the product. "

Although he has made great achievements in the field of security, in the field of business, Zhang Changhe is still a newcomer and needs to face many problems that he has never experienced before.

"In the past, when I was doing research in a university, I had two classes a week. I had a relatively rich salary and sufficient research funds. I didn't need to think about other things."

Zhang Changhe recalled his experience in the University, "the system actually solved many worries."

After starting the business, the challenges came into Zhang Changhe's vision one after another:

"All problems have to be solved by ourselves. We need to learn and change constantly. For example, how to build a strong team to stand out among the two or three hundred domestic security companies? How can I make my technology more competitive and get to the first or second place in a subdivision field? "

Fortunately, Zhang Changhe's entrepreneurial experience is always more passionate and happy than hard and painful. At every critical moment, there are appropriate people and things to help him through the difficulties.

Starting from the initial small team of several people, we eat and live together without salary. The R & D backbones are still full of passion 24 hours a day, focus on work and strive for the common goal;

In the first year of the company's establishment, a large project was successfully received, and the initial embarrassment soon ended, and the profit was realized in that year;

Later, it was favored by the capital, and many companies vied for shares to quickly finalize the pre-A round of 60 million financing Along the way, Zhang Changhe's entrepreneurial road seems to be more smooth than others.

In two years, Zhang Changhe learned how to deal with the market and completed the identity transformation; Weida security, led by him, also grew rapidly, established its feet in the network security industry, and gradually covered the company's Exhibition cabinets with honors and certificates.

No matter how difficult the boss is, he is always calm and optimistic. It seems that he has been favored by the God of luck. His colleagues jokingly called it "a lot of help.".

However, Zhang Changhe believes that opportunities are always reserved for those who are always ready: "do what you should do well, and be able to fully grasp them in the face of opportunities."

Now, Weida is gradually on the right track, and Zhang Changhe begins to look forward to the future.

"As long as there is a network, there is a need for our Weida to exist." This is Zhang Changhe's expectation for the future.

At the same time, "changing the pattern of network security defense" is still Zhang Changhe's ultimate goal. To this end, he has been thinking and working hard.

"From static defense to dynamic defense, from passive defense to active defense, this is the development trend of technology. In terms of application field, it will be the future research direction from intranet defense to cloud security, Internet of things, terminal development, including defense under IPv6 architecture. "

Zhang Changhe said, "but I have noticed an obvious problem: our security industry has been following the innovation, or to be frank, copy, what others do we learn."

"In terms of innovation, we are far from the United States and Israel, and lack of obsession with new technologies. In the long run, the gap will only grow. We will never be able to run on someone else's track. We need to go back to our own track. " For Zhang Changhe, "intelligent dynamic defense" technology is the starting point to catch up with this gap.

What's rare is that Zhang Changhe, besides safety, is a devout Buddhist who has been a vegetarian for many years. For many years, he has been taking faith as his driving force, especially after starting his own business.

"If you start a business for a long time, you will encounter many choices. If you start a business for a long time, many people will go on the wrong way. I think that to stick to the right path and do only the right things, a good faith can provide a lot of spiritual help. Faith tells me that to have good results, we must have a good beginning. Therefore, at the beginning of being an enterprise, we will choose a right path, at least one beneficial to the country and the people. No matter how far we go in the future, our original intention will remain unchanged. "

"Mahayana practitioners are talking about universal living. My original intention for safety is to do something for the country and the whole industry. In the face of difficulties and setbacks, the power of faith can keep me going. " When it comes to this, Zhang Changhe, who has always been calm, seems particularly serious. He told us that the name of Weida is actually related to Buddhism.

"Veda is actually a Sanskrit, meaning knowledge and wisdom. It also represents Weituo Bodhisattva, the Dharma protector in Buddhism, who is responsible for the safety of the Dharma circle. What we need to do is to protect the Dharma in the Internet world, and to fully protect the national and people's Internet security."

-Recommended reading-

What is the "black technology" of Weida Security reported by CCTV?