Required skills of a nation-state attacker/defender

I occasionally post interesting job postings from security firms or device makers. I usually avoid all of the US military-focused jobs, things that require secret clearance, etc. But there’s a LOT of military postings, a LOT more than from the device makers and civilian security firms. Below are a few excerpts from a job description posted by a US DOD contractor. If you’ve any doubt whether firmware-level attacks are a thing, or what attack skills and tools are being considered, the job posting below is fairly verbose. I really wish I knew how to track similar jobs from all governments, not just from US-based job sites; it would be fascinating to compare different state actors in this way.

OEMs: look at how governments are attacking your hardware, it isn’t just hobbyist hackers having fun on Twitter. Please make more secure hardware.

Excerpt from:

Senior Hardware Exploitation Engineer

Overseeing the reverse-engineering, failure analysis, and vulnerability analysis of hardware to identify exploitation opportunities

Leading the modification of hardware to either enable forensic analysis of the media or to change the functionality of the hardware for other purposes.

Managing a microelectronics exploitation laboratory, consisting of state-of-the-art tools for inspection, imaging; decapsulation, deprocessing, and other activities related to hardware-reverse engineering and exploitation

Directing the enhancement and maintenance of frameworks, processes, design patterns, techniques, tools, and standards for conducting hardware exploitation of digital media

Performing full-scope forensic examinations from the hardware aspect of media.

Employing reverse-engineering tools and methods to determine vulnerabilities of the device for technical exploitation purposes.

Determining how a device boots/initializes, and obtaining a binary that can be used for reverse engineering.

Leading teams and participating in the analysis of embedded platform firmware and operating systems to understand security vulnerabilities associated with various platform communication links

Leveraging knowledge gained through the reverse-engineering and other research techniques to enhance low-level C and assembly applications for embedded ARM platforms that interface directly with platform hardware

Reverse-engineering skills on embedded systems with proprietary operating systems for the express purpose of introducing functionality to an already existing fielded system.

Experience examining a hardware platform to understand the software and hardware interaction of embedded systems.

Experience with embedded system design, communication with peripheral devices at the hardware level, and reverse-engineering of system software.

Experience in Microprocessors/Architectures: ARM, MIPS, RISC, PowerPC, XScale, StrongARM, x86. Familiarity with microprocessor instruction sets is highly-desired.

Experience with the following Operating Systems: VxWorks, Integrity, Embedded Linux, JunOS, Linux, Unix, Windows Embedded. Experience with RTOS is highly-desired.

Experience using the following Hardware Tools and Debuggers: Green Hills Probe, SuperTrace Probe, Slingshot, spectrum analyzer, logic analyzer, JTAG, Agilent Technologies equipment.
