How A Cybersecurity Firm Uncovered The Massive Computer Hack : NPR


Kevin Mandia, CEO of the cybersecurity firm FireEye, testifies before the Senate Intelligence Committee in 2017. Mandia’s company was the first to sound the alarm about the massive hack of government agencies and private companies on Dec. 8.

Susan Walsh/AP



The first word that hackers had carried out a highly sophisticated intrusion into U.S. computer networks came on Dec. 8, when the cybersecurity firm FireEye announced it had been breached and some of its most valuable tools had been stolen.

“We escalated very quickly from the moment I got the first briefing that, ‘Hey, we have a security incident of some magnitude,’ ” FireEye CEO Kevin Mandia told All Things Considered co-host Mary Louise Kelly. “My gut was telling me it was something we needed to put people on right away.”

Mandia was right. Within days, the scope of the hack began to emerge.

Multiple U.S. agencies were successfully targeted, including the departments of State, Treasury, Commerce, Energy and Homeland Security as well as the National Institutes of Health.

The hackers attached their malware to a software update from Austin, Texas-based company SolarWinds, which makes software used by many federal agencies and thousands of private companies to monitor their computer networks.

The SVR, Russia’s foreign intelligence agency, is considered the most likely culprit, according to Secretary of State Mike Pompeo and some members of Congress who have been briefed by…
