Cyber attackers aren’t passive; defenders can’t be either

But once he learned more about known cyber exploits and vulnerabilities, and started thinking like a hacker, he quickly realized that he needed to do more to protect his devices.

“It's like in Harry Potter where they had ‘Defense Against the Dark Arts’ teachers who taught the wizarding students all the dark arts so they knew how to defend themselves against it,” said Ferguson, who works in computer network operations at Raytheon Intelligence & Space’s Cyber Offense and Defense Experts, or CODEX.

Raytheon Intelligence & Space, a Raytheon Technologies company, recognizes that cyber defenders need to know the techniques, tactics, and tools that hackers — be they state actors, ransomware criminals, or lone-wolfs — use, so they’ll be better able to defend against them.

There is a worldwide shortage of cybersecurity experts. Currently, there are about 377,000 vacant cyber jobs in the U.S. and 2.7 million globally, according to a report from (ISC)², a non-profit organization specializing in cyber training and certification programs that issues an annual study on cybersecurity workforce trends.

CODEX is addressing this shortfall through an in-house program to develop and increase these rare skillsets. Called Offensive Labs, it’s a training program that is teaching students topics such as vulnerability research, computer network operations, and binary reverse engineering, the process of dissecting and understanding source code when the original software code is unavailable.

“We’re approaching this from the perspective of a hacker and using our knowledge of offensive tactics to better inform how we do cyber defense,” said Tim Zentz, acting director of CODEX. “To help individuals adapt to this mindset, we’re working with them to determine their current capabilities and guiding them in expanding their skills and knowledge.”

The first class had seven students, many of whom had worked at the company for only a year or two. By the end of 2022, the program’s organizers plan to have 50 graduates.

The training is virtual, meaning the program can teach students wherever there’s a need — a critical advantage that allows Raytheon Intelligence & Space to better meet customer requirements, wherever they might be. Many in the first group of cohorts worked out of CODEX’s facility in Greenville, South Carolina, because of customer needs and a shortage of employees with the required skillsets.

“Cyber operators with these skillsets are highly sought after, and whether we’re losing them to the great resignation, competitors, startups, you name it, we needed to find a way to keep the great people we have,” said James Thompson, Offensive Labs director and CODEX Digital Technologies director. “Offensive Labs is allowing individuals to retool for the future, get new opportunities and take on new challenges.”

The course starts with a recap of basics including assembly language, a low-level programming language designed to communicate instructions with specific computer hardware, then moves on to more advanced exercises like analyzing ready-to-run programs in the Linux operating system and using the Python programming language to develop exploits against them.

“It’s our assessment phase in which we expose the students to a broad range of things ranging from vulnerability research to binary exploitation to reverse engineering,” said Thompson. “We really expose them to a lot of content, which helps us gauge where they are. Once we're finished with the general knowledge and assessment phase, we then break them down into that first tier of specialization for their skills.”