Malware analysis for beginners: Getting started

Staying ahead of hackers and the latest malware requires a knowledgeable security team. Malware, especially ransomware, is constantly in the news, as hacker groups use it to attack companies and government agencies. More than 13 million attempted malware attacks on Linux systems alone were detected during the first half of 2021.

The cybersecurity industry is struggling to find qualified infosec professionals to fill all the open positions. About 95% of security professionals say the security skills shortage hasn’t changed over the past few years. Now is a perfect time to get into the cybersecurity industry. So, how do you get started?

Dylan Barker, a senior analyst at CrowdStrike, wrote Malware Analysis Techniques: Tricks for the triage of adversarial software as an introduction to one part of the industry. “I thought it would be great if there was a quick reference out there,” Barker says. “I also wanted to inspire people just getting into the infosec industry. When people enter the infosec industry, they often think the only path for them is either sitting in a SOC [security operations center] and staring at Splunk all day or being a pen tester. There really are more exciting paths out there for blue teams [security analysts within a company] that maybe aren’t quite as popular.”

Barker calls malware analysis exciting and interesting. “We can gather all these IOCs [indicators of compromise] together and weaponize them. This will make life difficult for the adversary — or more difficult than we’ve historically made it. We can also assist coworkers, sys admins and other stakeholders defending a company’s systems.”

To help beginners entering the field of malware analysis, Barker’s book introduces key techniques and software. Readers learn how to set up a malware analysis lab. Barker also covers static and dynamic analysis methods and de-obfuscation techniques.

In this interview, Barker explains malware analysis for beginners looking to enter the field. He breaks down what to know and offers advice on how smaller security teams can succeed against malware attacks.

Editor’s note: The following interview was edited for length and clarity.

How would you recommend someone enter…