Sign In

Communications of the ACM

ACM TechNews

NSA Makes Ghidra, a Powerful Cybersecurity Tool, Open Source


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Japanese movie monsters Godzilla and Ghidra (namesake of the new NSA software) do battle.

The U.S. National Security Agency has chosen to open source the cybersecurity tool Ghidra, a reverse-engineering platform that allows users to decompile software.

Credit: imgur.com

The U.S. National Security Agency (NSA) has chosen to open source the cybersecurity tool Ghidra, a reverse-engineering platform that takes "compiled," deployed software and "decompiles" it.

Reverse engineering allows malware analysts and threat intelligence researchers to work backward from software discovered in the wild to understand how it works, what its capabilities are, and who wrote it.

Said NSA cybersecurity advisor Rob Joyce, Ghidra was "built for our internal use at NSA" and "helped us address some things in our work flow."

Joyce noted that the NSA views the release of Ghidra as a recruiting strategy, allowing new hires to enter the agency at a higher level or contractors to provide expertise without having to first come up to speed on the tool.

Added Dave Aitel, a former NSA researcher who is now chief security technology officer at Cyxtera, "Malware authors already know how to make it annoying to reverse their code. There's really no downside [to releasing Ghidra]."

From Wired
View Full Article

 

Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA


 

No entries found