Sergejs Harlamovs
Malware Analyst
While I had no clear idea what I’d do in life when I was a kid, certain things always captured my attention: taking stuff apart, the cyberpunk genre and detective fiction on TV. If only I had a chance to combine such eclectic passions into a career…
I first discovered my interest in IT in my early teens, when I got my first computer. A Pascal programming course was recommended to me by a lecturer at a local university who was responsible for organizing coding classes for teens.
Later on, I discovered that, just as the values of variables defined in a program can be modified, the memory of other processes can be altered as well. Back then I used this to change the behaviour of AI-controlled enemies and the physics in video games.
As it turned out, this was not the only use of this powerful technique. Memory manipulation is how hackers gain access to a system. The journey of a thousand miles had begun.
Malware analysis is the process of reverse engineering a specific piece of malware.
Reverse engineering itself is not formally taught at universities as a distinct academic discipline; it is often confused with piracy. So I graduated with a Master’s degree in Computer Systems & Information Technology to get the big picture of how diverse information and communication systems are engineered and designed. The rest was self-taught.
Not everyone can become a reverse engineer – it requires a specific mindset and dedication.
One must prefer “reconstructing and interpreting something” over “developing and producing something”. In day-to-day work, a Malware Analyst processes information, analyses the threat landscape, filters out the noise, notices trends, records the individual characteristics of each analysed object, and highlights the most interesting cases. This requires paying attention to both the micro and the macro picture.
Being a Malware Analyst is also very much about experimentation. I wish I knew more about organizing the various processes that have become typical these days, such as threat hunting and sharing indicators of compromise.
The best thing about a malware analyst’s job is that you help people around the world by learning something new and applying what you have just learned. Emerging technologies have many vulnerabilities that are actively exploited, so to render malicious efforts ineffective and protect people you always have to be at the leading edge of technology.
Keeping an eye on everyday trends is crucial, and this is also the difficult part. Something new is happening even at weekends, because the bad guys do not take days off. If you are not following the trends, it is very easy to fall behind.
Expertise is the main product of a Malware Analyst. The latest discoveries serve as the capstone for designing protection solutions. For these reasons, as a Malware Analyst I am constantly thinking about capturing different angles on the current threat landscape and searching for something important that was overlooked. On the other hand, I am trying to make custom analysis practices well-defined, straightforward and scalable.
My view is fairly simple:
That will be enough for the first time ;-)
You will have fun if the following keywords do not leave you indifferent: binary, malware, research, cyber-crime, reverse engineering, vulnerabilities, investigations. The reverse engineering mindset is relatively rare, so our office is a good place to exchange knowledge and ideas.
Exciting and worthwhile news from the cybersecurity industry: IKARUS regularly reports on current analyses and outbreaks as well as news from the areas of IT, OT and IoT security. We also post on LinkedIn, Twitter and Facebook – just follow us and stay informed!