May 13, 2016

Also Because “Bounty Hunter” is a Rad Job Title

By Daniel

The last two days have involved driving to work rather than taking the train, hence a lack of writing. I did put up a post over on that might give a little clue as to what I’ve been up to.

I’ve been involved with fighting ransomware before, if only from the position of raising awareness. At the same time, I’ve been really unsure as to what I want to pursue as my next “deep” hobby. This week, it clicked. I’m going to be a malware researcher.

There are a number of things about this decision that really appeal to me. I have that innate desire to help people, and this is an opportunity to leverage skills that not a lot of people have to do so, potentially to save people from losing what might amount to their life story in digital form. From about the age of 13 on, I’ve had a fascination with hacking, and I can actually take the gloves off as a white-hat, working with teams to dissect viruses and help neutralize the source. There’s a fair amount of press (I’ll stop short of calling it fame) that can come with being a security expert. I’m not planning on leaving my job any time soon, mind you, I just like being renowned for something. It gives me an opportunity to learn an entirely separate field of computing than I’ve ever been exposed to. I’ve got about a 900-page book called Practical Malware Analysis that is pretty much all new content for me. That’s exciting for me. I also have the ability to do something that’s rare in the malware analysis scene right now, which is to quickly translate the research findings into something usable for sysadmins. I did this yesterday and it went over very well.

I’ve got my first credit in one of the best living documents on ransomware out there and it’s a great feeling. It’s a really fun community to interact with; these are all very smart people, likely very high up in various tech and security outfits. And there’s just something infinitely cool about poking and prodding viruses designed for extortion or espionage, taking them apart to see what makes them tick and how to protect the world from them, and then doing exactly that. It makes me feel really good knowing that my network is better-defended than most of the other networks on the planet, without being overly burdensome on my users.

I’m really excited for this, and I’ve already got a few lab environments set up. I’ve got the OK from my boss to build an isolated lab at work to use for research. I’ve got a nice little setup with point-to-point wireless leading to a Verizon USB modem, totally isolated from our production network.

Now, this is probably going to impact my writing schedule a bit. My laptop is perfectly capable of running the software used in analysis and reverse-engineering. It’s also more than suitable for reading a 900-page book. And quite honestly, it’s really got my interest right now. I don’t know what the end-game is; there really isn’t one in a field like this. It would be awfully cool if I was able to apply the knowledge I pick up to earn some bug bounties. There’s something really intriguing about that world: people get thousands and thousands of dollars for finding flaws and disclosing them responsibly. That’s badass. What a time to be alive.