Reverse Engineering

Reverse Engineering occurs when you take a finished product and work backward to determine how it was constructed or engineered. By breaking a product or piece of software down into its component parts you can extract a good deal of information about the product. This strategy is very common in forensic investigations to determine the root cause of how a breach occurred.  It is also often used by nation-states to steal intellectual property from other countries rather than having to create a novel product or the IP to begin with.

What Does This Mean For My SMB?

While there aren’t specific actions you can take around Reverse Engineering; if you own a business, you need to be doing these things to protect your sensitive information:

  1. Govern employees with policies and procedures. You need a password policy, an acceptable use policy, an information handling policy, and a written information security program (WISP) at a minimum.
  2. Train employees on how to spot and avoid phishing attacks. Adopt a Learning Management system like CyberHoot to teach employees the skills they need to be more confident, productive, and secure.
  3. Test employees with Phishing attacks to practice. CyberHoot’s Phish testing allows businesses to test employees with believable phishing attacks and put those that fail into remedial phish training.
  4. Deploy critical cybersecurity technology including two-factor authentication on all critical accounts. Enable email SPAM filtering, validate backups, deploy DNS protection, antivirus, and anti-malware on all your endpoints.
  5. In the modern Work-from-Home era, make sure you’re managing personal devices connecting to your network by validating their security (patching, antivirus, DNS protections, etc) or prohibiting their use entirely.
  6. If you haven’t had a risk assessment by a 3rd party in the last 2 years, you should have one now. Establishing a risk management framework in your organization is critical to addressing your most egregious risks with your finite time and money.
  7. Buy Cyber-Insurance to protect you in a catastrophic failure situation. Cyber-Insurance is no different than Car, Fire, Flood, or Life insurance. It’s there when you need it most.

Most of these recommendations are built into CyberHoot. With CyberHoot you can govern, train, assess, and test your employees. Visit and sign up for our services today. At the very least continue to learn by enrolling in our monthly Cybersecurity newsletters to stay on top of current cybersecurity updates.


Related Term: Reverse Intent

Source: NICCS

To learn more about Reverse Engineering, watch this 11 min. video:

Share this on your social networks. Help Friends, Family, and Colleagues become more aware and secure.