“Cyber attacks that originate in Eastern Europe focus on stealing money or property – an economic purpose. Attacks from China, on the other hand, are targeted towards spying and intelligence,” said Dave DeWalt, CEO of FireEye, in a conversation with tech reporters.
“If we look at the type of attacks over the past two years, greater sophistication on can be detected by many countries who are new to this game, for example, Russia. the technological and business industries in Eastern Europe in general, as well as Mafia and crime organizations in that area, have become increasingly aggressive. There is a significant increase in Cyber attacks, especially in the financial world. ”
De Walt said that “the talents that are arriving from the Eastern bloc are amazing, they work secretly and skillfully. in that sense, that they are very different from the Chinese attackers who leave more ‘finger prints’ regarding their identity and the identity of their operators, and therefore are easier to find. It is extremely difficult to stop, isolate or impose sanctions on individual hackers, because they are protected by the organizations or countries that employ them. charges filed against the Chinese army, for example, does not necessarily lead to a formal arrests or sanctions. ”
“the difference between the attacks from China and the attacks from Eastern Europe also affects our need to provide different solutions for customers. APT attacks, for example, evolved from the Chinese market. These are stubborn threats active over time, and the idea behind them is to steal digital assets of value. There are various hackers who are looking for ways to steal information using APT, slightly different from the Russian market.”
FireEye is considered one of the leading companies in stopping targeted cyber attacks (APT). The core of its platform is its virtual engine that identifies and blocks cyber attacks before they reach the corporate IT system, and it boasts more than 1,100 customers worldwide.
In January of this year, FireEye acquired information security firm Mandiant in a deal worth over 1 billion dollars. Mandiant gained widespread international attention in February last year when The New York Times ran and expose on the Chinese military attacks on systems associated with companies and agencies in the United States.
The newspaper hired Mandiant, and the company in turn discovered that a 12-storey Shanghai office building is the base for unit 61398 of the Chinese military and that “a phenomenal amount,” of the attacks against American organization originated there. As part of the attack on the newspaper, which lasted four weeks, hackers stole passwords of employees in an attempt to reach the source of negative news about the Prime Minister of China, Wen Jiabao.
“There were three main reasons for the purchasing Mandiant,” notedDeWalt. “The first and most important was that its workers are part of the world’s best Cyber response, a military force created to deal with cyber attacks. Sort of the Navy Seals of the cyberworld. Second reason is their technology and vast experience as a consulting company, enabling our teams to respond immediately. The third reason is intelligence. Mandiants laboratories’ reports allow us to better understand the attackers, which strengthen us greatly in this respect. The combination of these three factors has made it a very worthwhile purchase for our shareholders. ”
“The opportunities in the field of cyber defense are broad, almost unlimited,” concluded DeWalt, adding that “Something in the defense architecture of the affected organizations, an architecture based on traditional security, did not work. For us, as a company, this is a tremendous opportunity.”