This is what it takes to be a successful hacker hunter


Given the acute shortage of online security specialists and the exponential growth in interest this market has experienced over the past few years, we decided to dig deeper. We sat down - virtually - with Liviu Arsene, Global Cybersecurity Researcher at security behemoth Bitdefender, to explore the characteristics of a successful cybersecurity specialist.

The ability to code: Are qualifications actually that important?

“While the ability to code is important, what’s equally important is having an intimate understanding of how operating system internals work as well as possessing innate curiosity about how various technologies operate. Being a security researcher is much more about tinkering and constantly learning new things, while using your coding skills to reverse engineer malware and find solutions to problems.”

Grit and grunt: not giving up

“Security researchers take great satisfaction out of solving challenges and figuring out solutions to new problems. Just as great detectives draw pleasure from solving crimes, security researchers are all about having the stamina, determination, and curiosity to invest time and energy into malware research and investigations, without giving up. While frustration may build up at some point, having a community of like-minded and skilled security researchers can sometimes help in finding new solutions.”

Luck and serendipity

“While it’s true that sometimes luck and serendipity can play a crucial factor in thwarting a particular malware or malware outbreak, it’s usually based on experience. Knowing how malware works and what are its most common implementations or packing techniques can sometimes make it easier to make breakthroughs. In fact, some of the best malware researchers can even look at the geometry of a file and figure out how it behaves and how to find important artefacts.”

Big and small data: the power of analytics

“No data is irrelevant when it comes to malware analysis. Sometimes something as benign as a file timestamp or an externally loaded resource can prove significant when analyzing a piece of malware. What’s even more important when analyzing malware is having threat intelligence telemetry from all over the world. This gives researchers the ability to correlate data about the analyzed malware sample across a large pool of big data containing live and constantly updated information about global threats. Using the power of analytics, researchers can sometimes figure out where the malware sample originated, if it’s part of a campaign, if it’s similar to other known malware, or even if there’s a risk of a potential outbreak.”

Empathy with the enemy: A new take on the Art of War

“Malware developers are sometimes just as skilled as security researchers, knowing how security solutions work and what tools security researchers may use when analyzing malware. Security researchers often have to think like malware developers and vice versa, which is why sometimes malware developers leave artefacts within their malware congratulating or expressing frustration with security researchers.

To coin a phrase from Sun Tzu, the ancient Chinese military strategist who wrote the Art of War more than 2500 years ago: ‘If you know your enemies and know yourself, you will not be imperiled in a hundred battles’. Cybersecurity and cybercrime is a constant cat and mouse game, where cybercriminals sometimes use military-grade cyber weapons.”

  • With a worldwide network of 500 million machines, Bitdefender has the largest security delivery infrastructure on the globe. Performing 11 billion security queries per day, Bitdefender detects, anticipates and takes action to neutralize even the newest dangers anywhere in the world in as little as 3 seconds.