Reverse engineering is hardest InfoSec task

The latest Codebreakers competition organised by Kaspersky among cybersecurity specialists from more than 35 countries has revealed reverse engineering is the most complex task performed by InfoSec practitioners.

According to the Information Systems Security Association (ISSA) and industry analyst firm Enterprise Strategy Group (ESG), the vast majority of cyber professionals state the cybersecurity skills shortage and skills gap has not improved over the past few years and even got worse. 

To help InfoSec practitioners enhance their skills, Kaspersky has continuously running expert training both online and offline, organising bootcamps and workshops. 

In June 2023, Kaspersky conducted a Codebreakers cybersecurity competition among more than 550 participants from 35 countries including France, Germany, United States, Russia, Brazil, China, India, United Arab Emirates, Saudi Arabia, Turkey, Singapore, and others. 

The competition was designed to test different hard skills of InfoSec professionals in a limited time frame and reveal their strong and weak sides. 

Experts from Kaspersky Global Research and Analysis Team set a number of cybersecurity challenges in three different tracks — Threat Hunting with Yara, Reverse Engineering and Incident Response. 

Participants were tasked with analуsing an attack scenario on a corporate network and collect evidence; write Yara rules for detecting malware; reverse engineer a program and uncover its secrets by cracking the APK obfuscator, training a machine learning model, checking a secure OS etc.

Only 18 participants were able to solve all the tasks. The best results were shown by InfoSec practitioners from Czech Republic and South Korea.

According to the competition statistics, the most complicated tasks for the participants were related to reverse engineering as they required specific knowledge of system programming, features of x86 and ARM architecture and practical skills in working with disassemblers and debuggers.

Participants solving the tasks fastest were associated with Yara, one of the most familiar and popular tools among those who analyse malicious code, and therefore required less time to perform. 

“We tried to make the CTF tasks as close as possible to the real-world challenges InfoSec professionals face every day”, said Dan Demeter, senior security researcher at Kaspersky.

“Participants were required to apply their knowledge in a variety of situations, ranging from beginner-friendly to expert level, testing their readiness to deal with advanced cyber threats in future scenarios,” said Demeter.

Yuliya Dashchenko, team lead of Expert Trainings at Kaspersky, said their Expert Training portfolio provides courses covering different cybersecurity topics, from basic knowledge in reverse engineering and writing Yara rules to advanced methods of finding threats and malware analysis.

“We believe that our cybersecurity competition will help participants to reveal and enhance their weaknesses to be able to cope with even the most complex threats in the future,” said Dashchenko. 

As a prize, the winner received free access to one of the Kaspersky Expert Training, others were also provided with a big discount for any training program.