Collaborate Disseminate
The Mandiant founder and Google Cloud adviser says boards are paying more attention than ever before, and dispensed some advice for how CISOs can give them what they want.
The post Here’s what corporate boards are asking Kevin Mandia about appeared first on CyberScoop.
Continue reading Here’s what corporate boards are asking Kevin Mandia about
Careful data collection, specific keyword searches and the type of breach were factors that FireEye used to determine that Kremlin-sponsored hackers were behind one of the largest cyber-espionage operations in recent years. The first revelations about what would come to be known as the SolarWinds campaign — in which spies exploited the federal contractor to breach nine U.S. government agencies and roughly 100 companies — occurred in early December 2020, when FireEye announced that hackers had stolen its security testing tools. The Milpitas-based company discovered that SolarWinds software was affected during the course of its own investigation, sparking examinations throughout U.S. national security circles that remain ongoing. “We learned it’s fair game to hack the supply chain,” FireEye CEO Kevin Mandia said Tuesday during CyberTalks, a summit presented by CyberScoop. While scrambling to understand the scope of the breach, FireEye investigators observed that hackers had searched for specific keywords, an […]
The post How FireEye attributed the SolarWinds hacking campaign to Russian spies appeared first on CyberScoop.
Continue reading How FireEye attributed the SolarWinds hacking campaign to Russian spies
The foreign espionage operation that breached several U.S. government agencies through SolarWinds software updates was unique in its methods and stealth, according to FireEye CEO Kevin Mandia, whose company discovered the activity. “This was not a drive-by shooting on the information highway. This was a sniper round from somebody a mile away from your house,” Mandia said Sunday morning on CBS’s “Face the Nation.” “This was special operations. And it was going to take special operations to detect this breach.” Mandia estimated that about “only about 50 companies or organizations” were the true targets of the operation, which is suspected to be the work of the Russian intelligence agency known as the SVR. Texas-based SolarWinds reportedly has about 300,000 customers overall in government and industry, and the malware in the spy campaign was pushed out to about 18,000 of those, including U.S. government agencies and major corporations. In the CBS […]
The post FireEye’s Mandia on SolarWinds hack: ‘This was a sniper round’ appeared first on CyberScoop.
Continue reading FireEye’s Mandia on SolarWinds hack: ‘This was a sniper round’
FireEye’s announcement this week that hackers breached its systems has sent shockwaves through the cybersecurity community, raising new questions about how one of the most influential security firms in the U.S. grappled with an apparently state-sponsored attack. It also has triggered policy discussions about whether the U.S. government should do more to protect cyber industry titans like FireEye, one of the top cybersecurity firms in the world with customers that counts Fortune 500 companies among its clients. The hack adds FireEye to the list of cybersecurity companies that have experienced their own breaches, a roster stretching back to at least the beginning of the last decade. “This news has rocked the cybersecurity industry to our core, unlike anything since the RSA hack” from 2011, said Tom Bossert, president of Trinity Cyber and the former homeland security adviser to President Donald Trump. “It’s a pretty big deal.” FireEye revealed on Tuesday […]
The post As FireEye grapples with breach investigation, questions remain appeared first on CyberScoop.
Continue reading As FireEye grapples with breach investigation, questions remain
Malware used by the United States in offensive cyber-operations plays “nice” when compared to other nation-state malware, according to FireEye CEO Kevin Mandia. Speaking at the Cyber Threat Intelligence Forum produced by Scoop News Group on Thursday, Mandia said when FireEye analyzes malware from state-backed hackers, the company usually finds elements of public policy baked into operations. Certain tells in the malware’s behavior or the code itself can be indicative of which state is behind it. “We find malware that sometimes has a time to live and then it doesn’t run anymore. I wonder who would do that,” Mandia said on stage. “Probably [the U.S.] because we’re the nicest hackers in cyberspace, besides maybe China.” The U.S. and China are more disciplined in their operations than adversaries like North Korea and Russia, who are instead unrestrained, he said. “We see guardrails on malware from nations like the United States, but do […]
The post Playing nice? FireEye CEO says U.S. malware is more restrained than adversaries appeared first on Cyberscoop.
Continue reading Playing nice? FireEye CEO says U.S. malware is more restrained than adversaries
While hackers linked to China, North Korea and Russia have dominated headlines over the past year, similar groups in Iran have caused significant damage while drawing far less attention. Multiple cyber-espionage groups attributed to Iran became increasingly active over the last 12 months, as at least four entities with ties to the regime have broken into a wide array of organizations, according to private sector cybersecurity experts and three former U.S. intelligence officials with knowledge of regional activity. “For the first time in my career, I’m not convinced we’re responding more to Russia or China,” FireEye CEO Kevin Mandia said in a report published by the company on Thursday. “It feels to me that the majority of the actors we’re responding to right now are hosted in Iran, and they are state-sponsored.” This surge in digital espionage — which has predominantly come in the form of spearphishing emails, strategic web compromises and breached social […]
The post This country’s hacking efforts have become too big to ignore appeared first on Cyberscoop.
Continue reading This country’s hacking efforts have become too big to ignore
At 13 years old, FireEye has already been through a pretty rough adolescence, including the loss of a CEO last year and a 40 percent drop in the value of its stock at one point. But the prominent cybersecurity company’s current leadership has been aiming for long-term profitability, and its numbers from the first quarter of 2017 brought some good news. FireEye reported a better-than-expected 3.4 percent rise in revenue to $173.7 million for the quarter, thanks to its product subscription and services businesses. New CEO Kevin Mandia projects bigger numbers in the coming quarters and eventual profitability by the end of the year, pinning much of that forecast to the recent release of the company’s Helix platform. High-profile hacks from Target to Sony resulted in headline-making FireEye investigations in recent years, but the company’s stock cratered in 2016. That trend has changed — the share price is up 13 percent in 2017, jumping 15 percent to $13.80 in after-hours trading following […]
The post A company in transition, FireEye sees surprise boost in revenue appeared first on Cyberscoop.
Continue reading A company in transition, FireEye sees surprise boost in revenue