16.09.2020

Is organised crime cool? (No, it’s not)

Mark: Stefan, we announced a Tech Talk about practical reverse engineering. We also announced that the invitation was addressing «real» technicians. Now – what is the difference between a «real» data and information security expert and a computer scientist?

Stefan [thinking]: I guess a computer scientist wears the right shoes without being an equally experienced runner. Every IT professional thinks in machine respectively computer language. But reverse engineering requires a special mindset, training on the job, exercises, and experience. A reverse engineer must understand the innermost functions of a computer as well as of Windows and Linux. In essence: Reversing and computer science are the same, but reversing is the deep-down version if you will.

An example: A few days ago, we ran into something totally new. A reverse engineer must be curious. He will not simply give in but chase the information to crack how something really works. Puzzling and logical thinking are two of the core soft skills.

In other, short words: The reverse engineer is simply way better than a standard computer scientist, right?

Well, what does «way better» stand for? The reverse engineer might or will see contexts a standard computer scientist will miss. But we have our own specialisations, too. Personally, I came from the Linux world – which means that I must look up many Windows details.

Well, Swiss Cyber Experts took part in an exercise that – in a nutshell – partially collapsed because technicians found out that a Windows system would never run on a Linux engine.

Stefan [smiles]: Well, I would look up the possibilities to get Windows working on Linux….

Right – as other SCEs stated this was an error and that they’d simply continue. Successfully.

True that. I’ll keep my training very bottom-up and constructive. I will allow teamwork or even chasing a solution jointly. For the moment just this: I have built in some typical things a reverse engineer will find time and time again. I do not want to unveil too many things….

Well, you should not anyway…

…. but spoofing and encryption of the communications protocol will be part of the exercise.

Does a reverse engineer show criminal energy?

If you call curiosity criminal energy, then yes, but I stress that curiosity as such is not criminal. But of course, to have malware, an illegal piece, on your computer, is sort of fascinating.

And there are negative examples such as Marcus Hutchins who stopped WannaCry only to be arrested over Kronos. But to me personally it’s the fascination for the police work if you will.

I heard about organised crime, it was «sort of cool» – since much leaner organised and faster than we’d ever be…

This is what distinguishes organised crime. Look at the cinema: Mafia movies are not produced because the mafia was not cool. But face it: These organisations cause massive damage. At the same time one has to admit: Organised crime is extremely well organised, has excellent change management, is more agile in developing and has a better helpdesk than many companies. But let me be clear: Mafia is not cool, nonetheless.

This conversation could go on and on, I know – but let us just look forward to the SCE TechTalk #1 2020, curious to see what our experts come up with when it comes down to reverse engineering.

 

August 31st, 2020 / GS.