top of page

Course Description

In an era where geopolitical dynamics transcend physical borders and infiltrate the digital realm, malware has been weaponized as a tool of foreign policy. Numerous high-profile instances like Stuxnet disrupting Iranian centrifuges, the Wiper malware attacking Saudi Aramco, and the North Korean malware compromising Sony, illustrate the escalating threat of state-sponsored hacking.

Our course, "Nation State Malware", serves as an essential platform to delve into the nuances of state-sponsored cyberattacks and understand the diverse landscape of cyber warfare techniques. Through a detailed exploration of tactics, techniques, and procedures employed in the creation and deployment of renowned malware, the curriculum dissects how malware is not just a weapon, but also a significant capability in cyber warfare.

We invite cybersecurity professionals and military commanders to familiarize themselves with the truth behind state nation sponsored hackers. Our course enables a comprehensive understanding of how to perform malware threat analysis and formulate responsive cyber defense strategies. Learn from the mistakes made in previous high-stakes case studies and avoid repetition in your organizations.

The course structure is designed to address the specificities of various threat actors in a dedicated format. The APT/Malware series includes:

  • China (3-day): Decoding the intricate workings of state-sponsored cyberattacks, with real-world examples like the infamous Operation Aurora.

  • Russia (3-day): Unveiling the well-oiled machinery behind state nation sponsored hackers, as seen in incidents like the NotPetya cyberattack.

  • Iran (3-day): Understanding the rationale, execution, and consequences of cyber warfare, mirrored in attacks like the Shamoon data-wiping malware.

  • North Korea (2-day): Discussing the stealthy and potent aspects of state-sponsored hacking from the hermit kingdom, as exemplified by the Sony Pictures hack.

  • ISIS (2-day): Scrutinizing the cyber warfare strategies and techniques employed by non-state actors in a volatile political climate.

The stakes of cyber warfare have never been higher. In the age where nation state malware is a prevalent reality, equip yourself with the knowledge and tools necessary to safeguard national security and corporate integrity. Enroll in "Nation State Malware", and redefine your understanding of modern-day warfare.

Who Should Take This Nation State Malware Course?

This course is designed for a wide spectrum of professionals who seek a comprehensive understanding of state-sponsored cyber threats, malware analysis, and advanced defensive strategies. Ideal candidates include:

  1. Cybersecurity Professionals: If you work in threat analysis, network security, digital forensics, or incident response, this course will deepen your knowledge of state-sponsored cyberattacks and equip you with practical techniques to detect, analyze, and mitigate threats.

  2. Military Commanders and Personnel: For those involved in the military's cyber operations, understanding the complexities of nation state malware is crucial. This course will offer insights into the digital warfare strategies of various national and non-state actors, enabling more effective defense and counterstrategy planning.

  3. Policy Makers and Strategists: Those shaping cyber policies and strategies within governmental or non-governmental organizations would greatly benefit from this course. Gain a thorough understanding of how foreign powers use malware as a geopolitical tool and how it affects national and international cybersecurity landscapes.

  4. IT Managers and CISOs: If you're responsible for your organization's cybersecurity posture, this course will provide in-depth knowledge about the nation state malware threat landscape. It can help you design better cyber defense strategies and understand the larger geopolitical implications of state-sponsored hacking.

  5. Cybersecurity Researchers and Academics: If you're involved in research or teaching in the field of cybersecurity, this course provides a wealth of case studies and technical insights that can inform your work.

  6. Cybersecurity Students: For those pursuing a career in cybersecurity, especially in the areas of cyber warfare and threat intelligence, this course offers a thorough foundation and prepares you for the challenging real-world scenarios.

Regardless of your role, if you have an interest in the defense against state-sponsored cyberattacks, and the tactics, techniques, and procedures used in the deployment of nation state malware, this course is for you.

Example Course Schedule

Day 1: Introduction to State-Sponsored Hacking and Nation State Malware

We kick off our course with an overview of state-sponsored hacking, exploring how nation states employ malware as a weapon and a capability. We delve into key case studies including Stuxnet and the North Korean malware against Sony to underscore the realities of state-sponsored cyberattacks.

Day 2: Unpacking the Truth, Tactics, and Strategies of Cyber Warfare

On day two, we delve deeper into the world of cyber warfare, demystifying the truth, tactics, and strategies that are employed in state-sponsored cyber warfare. This will encompass a comprehensive view of offensive and defensive techniques used in cyber warfare, and the strategic implications for nation states and organizations.

Day 3: Understanding the Design and Priorities of Nation State Malware

Day three is dedicated to unraveling the design intricacies and priorities of nation state malware. From reconnaissance to exploitation and maintaining access, we outline the life cycle of state-sponsored cyberattacks. The session also includes practical exercises on malware threat analysis, helping you understand the process of detecting, analyzing, and mitigating threats.

Day 4: Case Study Deep-Dive: Strategies of State Nation Sponsored Hackers

This day is dedicated to analyzing the unique strategies of state nation sponsored hackers. We will dissect real-world examples to understand the different approaches used by various state actors, their motivations, and how their strategies fit into the broader geopolitical context.

Day 5: Future of Cyber Warfare and Wrap-Up

On the final day, we will look towards the future, discussing anticipated trends in state-sponsored hacking and how professionals can prepare. We'll also revisit key learnings from the course, providing a comprehensive review and a panel discussion on how to build resilience against state-sponsored cyberattacks in your organization.

Closing thoughts

State-sponsored hacking and nation state malware have become significant tools in geopolitical strategies. These cyber weapons, employed by nation states and non-state actors alike, can disrupt critical infrastructure, infiltrate sensitive systems, and manipulate public sentiment.

The "Nation State Malware" course aims to equip professionals with the necessary knowledge, analytical skills, and strategic acumen to face these sophisticated cyber threats head-on. Our discussions, from the inception and design of malware to its deployment and aftermath, underscore the reality of these cyber threats and their far-reaching implications.

We've learned from the past, with case studies such as Stuxnet and the North Korean attacks on Sony, how devastating and influential state-sponsored cyberattacks can be. We've explored the truth, tactics, and strategies that underpin state-sponsored cyber warfare. And we've prepared for the future, discussing anticipated trends and the evolving tactics of state nation sponsored hackers.

This knowledge is not just academic. It's vital for protecting national security, corporate integrity, and societal stability. We hope this course has enriched your understanding of the state-sponsored cyber landscape and empowered you to make a difference in your respective fields. Armed with this knowledge, we can collectively forge a path toward a more secure digital world. Remember, in the realm of cyber warfare, knowledge is the best defense.

About Boston Cybernetics Institute

Boston Cybernetics Institute, PBC was created by former MIT Lincoln Lab cybersecurity researchers to give meaningful niche cyber instruction to a new generation of cybersecurity professionals.


We avoid the normal style of teaching with PowerPoint and lectures, opting to provide instead real-life engaging instruction that takes place in a customized environment. We have given our style of instruction to multiple DoD agencies, US commercial companies, and international companies.


Instructors at Boston Cybernetics Institute

Jeremy Blackthorne.png

Jeremy Blackthorne

President of the Boston Cybernetics Institute

Jeremy Blackthorne is a Lead Instructor at the Boston Cybernetics Institute (BCI). Before BCI, he was a researcher in the Cyber System Assessments group at MIT Lincoln Laboratory. Blackthorne is the co-creator and instructor for the Rensselaer Polytechnic Institute (RPI) courses: Modern Binary Exploitation, Spring 2015 and Malware Analysis, Spring 2013. ​Jeremy has published research at various academic and industry conferences. He served in the U.S. Marine Corps and is an alumnus of RPISEC. He holds a BS and MS in computer science. ​ Blackthorne was an active member of the Student Security Club and CTF team, RPISEC, from 2012 to 2015, where he taught seminars on Reverse-Engineering, Exploitation, and various other Cybersecurity topics.


Clark Wood

security researcher and instructor

Clark Wood is a security researcher and instructor at the Boston Cybernetics Institute (BCI), focusing on Reverse Engineering, Exploitation, and CI/CD. He recently built a Reverse-Engineering and Exploitation platform for a DoD customer and is the Lead Engineer for BCI’s Government Services. Clark was formerly on the technical staff at MIT Lincoln Laboratory where he was a member of the Cyber System Assessments Group. ​Clark holds a BA in Economics from the University of Florida, a BS and MS in Computer Science from Florida State University, and a Master’s in Technology and Policy from MIT. ​


Rodolfo Cuevas

security researcher and instructor

Rodolfo Cuevas is a security researcher and instructor at BCI, where he focuses on understanding how design constraints can be used to limit the impact of an attacker on a system. His research combines the adversarial mindset with approaches influenced by Systems and Control Theory. ​ Rodolfo was a staff member at MIT Lincoln Laboratory and began his career as a RADAR and Ballistic Missile Defense System (BMDS) analyst. Later, Rodolfo transitioned to evaluating and Red-Teaming tactical and commercial cyber systems in support of DoD and other government programs. ​ Rodolfo holds a BS, M.Eng., and M.S. in Electrical and Computer Engineering from Cornell University.


Reed Porada

security researcher and instructor

Reed Porada is a security researcher and instructor at BCI, focused on getting to the "so what" of both defensive and offensive cyber measures. Reed also leads BCI training in Cyber Systems Analysis, focusing on developing systems-thinking skills of developers up to managers. ​Reed was a staff member at MIT Lincoln Laboratory for ten years, where he was responsible for Test and Evaluation, Test Automation Research, Red-Teaming of Cyber Systems, and Blue System Architectures. Reed was a computer scientist at the Naval Research Laboratory focused on wireless communication systems. He holds a BS in Computer Science from the University of Maryland, College Park and an MS in Software Engineering from Carnegie Mellon University.

Nation State Malware Course

Unveiling the Truth, Tactics, and Strategies of State-Sponsored Cyber Warfare



Upon request


5 days

What happens after I click the button?

Your default e-mail client will pop up and you'll be asked to write us a short message. Please let us know which course you are interested in and what dates would work for you.

Anchor 1
bottom of page