Fighting the Good Cyberfight!
When a kingpin gets hacked, we and our partners talk LOUDLY about it in order to share what we learned, coordinate our endeavors, and batten down the hatches. That is the leadership tact FireEye CEO Kevin Mandia took when last week’s attack was launched against the firm by cybercriminals accessing the same “Red Team” tools used by FireEye (with customers’ permission) to test their cyber-resilience using “white hat” attacks. Mandia explains “the attackers used a novel combination of techniques not witnessed by us or our partners in the past. The techniques thwarted counter-security tools and forensic examination and allowed the cyber attackers to operate without detection. There’s no evidence that customer information was compromised, but if any emerges the customers involved will be contacted directly.”
You see, just because experts know where to look and what to look for doesn’t mean they won’t be attacked. It simply means they won’t experience a breach that compromises them to an extent that they are unable to mitigate the damage to themselves and those they protect. FireEye walked the talk. Within hours, Mandia was forthcoming, problem on the table, made public knowledge, and mitigating damage. And I don’t doubt he called industry heads to sit together on this one, virtually and physically (masked or not), burning Tuesday night’s oil in order to throw back a counter play that muzzled the attacker and unraveled their devious plan.
Think Match 6 in world class chess when, in 41 moves, Bobby Fischer dethrones the defending champion Boris Spassky. From move 36:
S: Queen back to E8
F: Rook back to F3
S: Queen to D8
F: Bishop to C4
S: Queen back to E8
F: Rook to F8
CHECKMATE!
Fischer memorized then leveraged the errors Spassky made in former matches with other Chess greats — errors that Spassky had not memorized or had failed to remember how he salvaged those or how he paid for those errors.
So it was last week with long-standing, well respected, cybercrime fight partner FireEye: their breach got all our attention, as we watched them release the indicators of compromise to those needing to know. Now, companies have the wherewithal to detect whether Red Team tools are being used against them! FireEye won by recapturing from the criminals any power to negatively spin those useful Red Team tools. As this unfolds, Mandia’s positivity of full disclosure is in view for all to behold. Good job.
Make no mistake: We cybersecurity firms (MSSPs) are vying for your cybersecurity business, but we stand shoulder to shoulder in our fight against cybercrime and our common enemy – the Deep Web’s tosses and turns in every corner of the globe! And as Fischer did, we memorize and leverage errors those bad actors make when bludgeoning their way into our networks to try and compromise yours.
The good news: We win more matches than we lose, and ‘losing’ in our book doesn’t typically mean the bad actors get any further in the game than a few pawn moves due to Artificial Intelligence (AI) tools detecting ‘bad behavior’ we can mitigate in good time.
Is it becoming clearer why your IT folks need a cybersecurity partner? Without our A.I. tools, those who would seize your information assets are only one to five moves away from crying “Checkmate”! So when a powerhouse like FireEye can get jolted head on, what do you think cybercriminals will do to your firm’s well meaning, hard working handful of IT guys and gals who stand bravely yet helplessly outnumbered and without power tools?
Let the cybersecurity experts fight the galactic battles they’re used to winning, so you and your team can sleep easy and awake refreshed to win the economic war you navigate in these turbulent times!
Data-Guard 365 is a MSSP firm headquartered in Indianapolis, Indiana, with offices in Chicago, Atlanta, and other strategic locations across the globe. The company is a one-of-a-kind business partner whose people, processes, and technology provide armored cybersecurity for a price point that pays for itself. www.Data-Guard365.com / (317) 967-6767 / info@data-guard365.com
Back to Articles/Blog
