Tag Archive for: FireEye’s

Hackers Taunt FireEye’s Kevin Mandia At Home With Postcard: Report


Hackers attempted to troll FireEye CEO Kevin Mandia with a postcard that called into question the company’s ability to attribute cyberattacks to the Russian government, Reuters reported.

The FBI is investigating a mysterious postcard sent to Mandia’s home days after FireEye found initial evidence of a suspected Russian hacking operation on U.S. government agencies and private businesses, according to Reuters. Federal officials said Jan. 5 that a Russian Advanced Persistent Threat (APT) group is likely behind the colossal hacking campaign, but FireEye hasn’t publicly attributed the attack to Russia.

U.S. officials familiar with the postcard are investigating whether it was sent by people associated with a Russian intelligence service due to its timing and content, according to Reuters. This suggests Russian intelligence officials had internal knowledge of the massive hack well before it was publicly disclosed in December, Reuters said. FireEye declined to comment to CRN on the Reuters report.

The postcard did not on its own help FireEye find the breach, but rather arrived in the early stages of the threat intelligence vendor’s investigation, Reuters said. This led people familiar with the card to believe the sender was attempting to discourage further inquiry by intimidating a senior executive. Reuters said U.S. law enforcement and intelligence agencies are spearheading a probe into the postcard’s origin.

FireEye blew the lid off the hacking campaign Dec. 8 when the company disclosed that it was breached in an attack designed to gain information on some of the company’s government customers. Before entering the corporate world, Mandia spent six years in the U.S. Air Force, where he was a computer security officer at the Pentagon and a special agent in the Air Force Office of Special Investigations.

A person familiar with the postcard investigation told Reuters actions like these aren’t typically in the playbook of Russia’s foreign intelligence service, or APT29, but noted that “times are rapidly changing.” The U.S. Cyber Command sent private messages to Russian hackers ahead of…

FireEye’s iSIGHT threat intelligence exposes security blind spots

What separates a great Major League Baseball hitter like David Ortiz from some run-of-the-mill player? Great eyesight and intelligence. Ortiz sees more than others and takes all of the rich information he sees to make an intelligent, actionable decision to swing at a baseball or not. While lots of players claim to do this, only a few have the right combination of the two to separate themselves from the field.

The same thing can be said for IT security. It takes visibility across the entire attack spectrum, plus analytics and real-world insight, to provide actionable threat intelligence. Many vendors claim to have threat intelligence, but they operate by looking for anomalies in the network to flag something that might be a breach. This can be valuable, but it addresses only part of the security continuum. 

Network World Security