Defense Contractor Northrop Grumman Hiring For Offensive Cyber Ops

Defense giant Northrop Grumman is hiring software engineers to help it carry out “offensive cyberspace operations,” according to a recent job posting.

The job posting, for a “Cyber Software Engineer 2,” appeared on the website Clearancejobs.com and described a position on a Northrop R&D project to “plan, execute and assess an Offensive Cyberspace Operation (OCO) mission” that would include familiarity with tools like Metasploit and Google Earth and “integration of capabilities such as command linkages, data flows, situation awareness (SA) and command and control (C2) tools.”

Firms like Northrop have repeatedly been the target of sustained and sophisticated attacks from outside agents. Many of those attackers, euphemistically described as “Advanced Persistent Threats,” or APTs, are believed to have links to China and groups working for the People’s Liberation Army (PLA).

A spokeswoman for Northrop Grumman confirmed the validity of the job posting, but declined to elaborate on what Northrop was referring to with the term “Offensive Cyberspace Operations.”

As described, the job appears to be suited to a mid-level software engineer with experience in networking and agile development methodologies using a wide range of software and Web development platforms, including Java, XML, JMS, PostgreSQL, JavaScript and Python. The applicant is also expected to have knowledge of “‘security research’ tools like Metasploit, WorldWind (and) Google Earth,” according to the job posting.

“As a leading global security company and major provider of cyber services to the government, Northrop Grumman is always looking to hire talented and experienced cyber-professionals to join our company,” wrote Margaret Mitchell-Jones, Northrop’s Corporate Director for Media Relations, in an e-mail to Threatpost. “At any given time there are a wide variety of job postings listed on www.northropgrumman.com/careers, which are often picked up and posted on career websites.”

In recent months, there has been discussion in policy circles about the need for the U.S. government to take a tougher line on such intrusions and for the U.S. military to develop cyber offensive capabilities to serve as a deterrent to future attacks.

The Defense Advanced Research Projects Agency (DARPA) has openly advocated improving U.S. cyber-offensive capabilities. In May, 2011, a report from the think tank The Center for a New American Century warned that cyber threats are outpacing the U.S. Government’s efforts to counter them, and called for the development of a kind of Monroe Doctrine for cyber space to discourage attacks against U.S. interests. In November, 2011, a report from the Office of the National Counterintelligence Executive accused China and Russia of a broad campaign of cyber espionage against the U.S. and its allies. Recent months have seen senior officials from the U.S. Department of State and Pentagon and their Chinese counterparts take part in joint cyber “war games” sponsored by the Center for Strategic and International Studies (CSIS) and Chinese think tanks.

However, the discussion hasn’t touched on the use of cyber offensive techniques by private firms. Such actions could be considered violations of domestic and international laws. 

Whatever the source of the attacks, China would almost certainly be vulnerable. Independent security researchers have also pointed out that China, which has a formidable cyber offensive capability, lags badly when it comes to cyber defense, making the country susceptible to either counter-attacks or pre-emptive strikes.

 

Discussion

  • Anonymous on

    Wouldn't it be illegal under current law for a private corporation to be doing "offensive cyber operations" which basically means hacking and malware writing?
  • Anonymous on

    It might not necessarily be illegal if by "offensive cyber operations" they mean counter intelligence, which wouldn't really necessarily be offensive, but it would involve engaging the enemy at some point.

  • Anonymous on

    duh NG would be building it for cyber command who could and should burn down China's cyber ops programs.

  • Anonymous on

    Is it really illegal to attack someone who has attacked you? I bet not. Maybe they have decided to hire someone to find exploits in the exploit kits. That's what it is sounding like to me. Besides what are the hackers going to do? Contact the authorities and report that someone has hacked their Zeus kit server? Not likely.

  • DekeTheGeek on

    The right to self-defense should never be denied.

  • Anonymous on

    asdfghjkl;'

  • Anonymous on

    At the very least the position could be involved in simulations and developing tools that work within those simulations. Sort of an exploratory position that might not directly be involved in offensive measures against the enemy, rather, they'd be developing the tools and training needed to put such a team in place should the time come. This would help Northrop Grumman to be in a position to offer up cyber-offensive training and weapons directly to the government. Training and tools that would be unique to NG and hopefully not available elsewhere.

  • uninformedluddite on

    If they are looking for proficiency in metasploit then they really are trying to employ the world's greatest hacker talent. Linking Google Earth and Metasploit is taking a big risk. There is a rumour that if someone who didn't have high level 31337 nmap skillz tried to link the two that it could bring down telnet. Not just any telnet but the Telnet with a capital t. Webmasters are currently living in fear.

  • anon on

    btw, if you read the "Roles and Responsibilities", it looks like they want a nice guy to set up offsec training and teaching for the defenders, along with visualization of data on maps (my guess is to present hot spots and CNE related situational awareness). thought that they want him/her to bake and provide warm cookies too.

  • Anonymous on

          larouchepac dot com  ----  can save you time.
