The U.S. National Security Agency (NSA) has chosen to open source the cybersecurity tool Ghidra, a reverse-engineering platform that takes "compiled," deployed software and "decompiles" it.
Reverse engineering allows malware analysts and threat intelligence researchers to work backward from software discovered in the wild to understand how it works, what its capabilities are, and who wrote it.
Said NSA cybersecurity advisor Rob Joyce, Ghidra was "built for our internal use at NSA" and "helped us address some things in our work flow."
Joyce noted that the NSA views the release of Ghidra as a recruiting strategy, allowing new hires to enter the agency at a higher level or contractors to provide expertise without having to first come up to speed on the tool.
Added Dave Aitel, a former NSA researcher who is now chief security technology officer at Cyxtera, "Malware authors already know how to make it annoying to reverse their code. There's really no downside [to releasing Ghidra]."
View Full Article
Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA