Monday, December 11, 2023

Reverse engineering hardest task for infosec practitioners: Kaspersky

The latest Codebreakers competition organized by Kaspersky among cybersecurity specialists from more than 35 countries has revealed reverse engineering is the most complex task performed by information security (InfoSec) practitioners.

According to the Information Systems Security Association (ISSA) and industry analyst firm Enterprise Strategy Group (ESG), the vast majority of cyber professionals state that the cybersecurity skills shortage and skills gap have not improved over the past few years and have even gotten worse.

To help InfoSec practitioners enhance their skills, Kaspersky continuously runs expert training both online and offline, organizing boot camps and workshops.

In June 2023, Kaspersky conducted a Codebreakers cybersecurity competition among more than 550 participants from 35 countries including France, Germany, USA, Russia, Brazil, China, India, UAE, Saudi Arabia, Turkey, and others.

It was designed to test different hard skills of InfoSec professionals in a limited timeframe and reveal their strengths and weaknesses.

Experts from Kaspersky Global Research and Analysis Team set a number of cybersecurity challenges in three different tracks: Threat Hunting with Yara, Reverse Engineering and Incident Response.

Participants were tasked with analyzing an attack scenario on a corporate network and collecting evidence; writing Yara rules for detecting malware; and reverse engineering a program and uncovering its secrets by cracking the APK obfuscator, training a machine learning model, checking a secure OS, etc.

Only 18 participants were able to solve all the tasks. The best results were shown by InfoSec practitioners from the Czech Republic and South Korea. 

According to the competition statistics, the most complicated tasks for the participants were related to reverse engineering, as they required specific knowledge of system programming, features of the x86 and ARM architectures, and practical skills in working with disassemblers (e.g. IDA Pro, Ghidra) and debuggers (e.g. x64dbg/WinDbg/OllyDbg).

The tasks participants solved fastest were those associated with Yara, one of the most familiar and popular tools among those who analyze malicious code, which therefore required less time to complete.

“We tried to make the CTF tasks as close as possible to the real-world challenges InfoSec professionals face every day. Participants were required to apply their knowledge in a variety of situations, ranging from beginner-friendly to expert level, testing their readiness to deal with advanced cyber threats in future scenarios. Congratulations to the finalists who managed to solve all challenges and I am confident they will fully benefit from the free training offered by Kaspersky,” Dan Demeter, senior security researcher at Kaspersky, said. 

As a prize, the winner received free access to one of the Kaspersky Expert Training programs, while the others were given a big discount on any training program.

