Illustration: National Security Agency

The National Security Agency will release an agency-designed tool to research malware as a free-to-the-public, open source program.

The big picture: The NSA program, known as GHIDRA, is a reverse engineering tool that takes malware and returns the source code used to make it, which otherwise remains inaccessible. That enables researchers and security pros to understand, attribute and even counter the malware.

Why it matters: This small move could be widely disruptive.

  • Reverse engineering tools aren't cheap, costing in the hundreds or thousands of dollars to license. Any group releasing a free, high-quality tool democratizes research into how cyberattacks are waged.
  • But the NSA isn't just any group. Spy agencies typically keep their tech close to the vest, and sharing it in this way changes the dynamic of the NSA's relationship with the American and global public.

GHIDRA will become an open source project, meaning any software developer can use it, modify it and contribute code to help improve the product.

  • Users familiar with GHIDRA describe it as comparable to (some said better than) commercially available offerings, although it may be a little buggy.
  • That's probably not a huge deal to anyone trying to learn or teach the art of malware analysis.
  • "GHIDRA will help level the playing field for cybersecurity personnel, where there is a well-documented skills gap, by providing a tool that they otherwise wouldn't have access to or could afford," said Patrick Miller, a Raytheon researcher and fan of the tool. "This will likely lead to the tool being used in cyber and coding competitions as well as in school curricula."
  • Miller noted that GHIDRA and commercial tools like IDA and Binary Ninja each offer advantages, and serious researchers would find uses for all three programs in their arsenals.

The impact: To the NSA, the move offers a number of advantages.

  • It brings the agency, which has been maligned since the Edward Snowden revelations, out of the shadows and demonstrates a commitment to the public good.
  • Making research easier raises the cost for foreign adversaries to attack Americans, both public and private.
  • It demonstrates NSA confidence in the tools it keeps secret and in those used by its sibling agency, U.S. Cyber Command, in offensive missions.

To answer your least pressing questions: GHIDRA is pronounced "Gee-dra," according to NSA official Rob Joyce, who will be presenting the tool at the RSA cybersecurity conference for its official release later Tuesday. We asked.

  • A Ghidra is (perhaps coincidentally) a character in the Final Fantasy series of video games — an apparent mistranslation of the Japanese word for Hydra.
  • The logo on the NSA site for GHIDRA is a snake with a dragon's head forming an infinity symbol, turning its tail into binary code as it eats it. The binary spells out the first statement programmers traditionally learn how to display: "Hello world."
