Recently IT Brief had the opportunity to sit down with Noushin Shabab, the senior security researcher for Kaspersky's GReAT team. We discussed how she got started in cyber security as well as her goal to inspire more woman to join the industry.
So you’re one of the senior researchers for the GReAT team, can you tell me a bit more about this team and what you aim to accomplish?
GReAT is a research group comprising of 40 people all around the world. We have a major presence in APAC and in Europe and we all work together to uncover major cyber threats and cyber espionage activities. We usually try to focus on our own regions but when one of us uncovers something major we all try to work together to solve it.
So for myself, I usually focus on Australia and New Zealand, but because I'm part of the APAC team, and there's not as much happening in Australia and New Zealand as there is in other parts of the APAC region I spend my time working on cyber attacks happening in other parts of the region.
Since we just touched on A/NZ what are some of the biggest threats in this region?
We have some problems with banking Trojans in Australia, I'm not sure about New Zealand. But I think the problem carries over just not as extreme as in Australia. So we’ve been monitoring this over a few years now and every year we see Australia among the top targets for banking Trojans.
We have also seen Australia among the direct or indirect targets of some APTs in the past few years but the situation is not that bad.
In terms of the targeted attacks and reverse engineering them what's that process like, and how did you go about it?
We have different techniques to detect suspicious activities in the customer's network from the signatures of previously known malware to heuristics and more generic signatures to match with a new component of old attacks or behavioural systems to understand the suspicious behaviour.
So when we collected the suspicious files or components, we start looking into the files and into the like suspicious components, if it's a compiled file, that's where the reverse engineering process starts.
Without going into too much detail we then work back piece by piece until we understand how the malware works and where exactly it came from. That's how we shape the whole picture of that tech, how it started, what it does, what it's after; if it's money or if it’s information and then most importantly what is next. Once all of that is done we aim to prevent future attacks.
So just to switch gears for a moment, as a successful woman in tech what would you say to girls to encourage them to pursue their dreams in technology?
In Australia, we have collaborated with different organisations and different campaigns to help new people especially female university students, high school students or even people who are working in the technology field, but not in cyber security, to get more encouraged and interested and involved in cyber security.
One example is the Australian Women in Security Network (AWSN). There is a community in Australia which is called AWSN and it's a big community now, it's been for a few years and we are trying to help women get more involved in security and there was a campaign that we started like two years ago which is called AWSN and candidates.
It's for a small group of female university students, I provided the first technical workshop for the students to get them more familiar with reverse engineering and what I do, how it works in the defensive part of cybersecurity and IT. The group is now growing to I think 60 students.
On a different note, I'm happy to see more and more female speakers as the main speakers at conferences. It used to be such a male-dominated space but it shows to our peers that we are every bit as dedicated and talented if we can showcase our work and discoveries in front of them. It is amazing to be part of such an important movement.