Learn why and how mastering Rust can advance your career in the cybersecurity sector
Developers have shown a stronger desire to study and master the Rust programming language during the past several years, but they are not the only ones. Ransomware gangs are increasingly coding or rewriting their software in Rust, according to recent findings by cybersecurity researchers.
According to a security assessment issued in December by Trend Micro, the Agenda group recently released a version of its ransomware that had been rewritten in Rust and had been used to attack IT and manufacturing firms. The initial Go-written version of this crypto-locking virus targeted healthcare and educational institutions. Rust-based ransomware makes it more difficult to protect against.
Rust is becoming more often used by threat actors because it is more challenging to analyse and is less frequently picked up by antivirus software.
According to Andrew Hay, chief operating officer of Denver-based LARES Consulting, many of the qualities that make Rust a growingly popular language with developers and coders now make it attractive for attackers seeking a competitive advantage to get beyond organizations’ security defences.
Rust-based malware has also been used by other ransomware-as-a-service organizations including BlackCat, Hive, and RansomExx, making it simpler to adapt the code for Windows or Linux-based computers, according to Trend Micro research.
The ability to directly access hardware and memory is perhaps one of Rust’s two greatest advantages. Other languages make it impossible to develop extremely low-level code, but C# allows it. The operating speed of Rust is the second key advantage. Hay recently told Dice that the language provides excellent speed while assuring memory safety.
Ironically, one reason why Rust is gaining popularity is that it enables programmers to write code that is less prone to security flaws and problems than code written in certain other programming languages.
Security experts point out that organizations require IT personnel who are knowledgeable about Rust and are aware of the security ramifications of how Rust-based ransomware may target and harm susceptible infrastructure. This is because cybercriminals are now employing Rust.
Organisations require tech specialists on board who are knowledgeable with Rust and how it is applied to increase the security of apps as the language gains popularity among developers and hackers. Understanding how a basic set of approaches may be used by bad actors to develop their virus is also crucial.
