FireEye: Tech Firms' Secret Weapon Against Disinformation
28.8.18 securityweek IT
NEW YORK (AP) — This week has seen major social media sites step up their policing of online disinformation campaigns.
Google disabled dozens of YouTube channels and other accounts linked to a state-run Iranian broadcaster running a political-influence campaign.
Facebook removed 652 suspicious pages, groups and accounts linked to Russia and Iran.
Twitter took similar action shortly thereafter.
What did they have in common? The security firm FireEye.
Best known for its work on high-profile cyberattacks against companies including Target, JPMorgan Chase and Sony Pictures, FireEye is emerging as a key player in the fight against election interference and disinformation campaigns.
Founded in 2004, FireEye is based in Silicon Valley and staffed with a roster of former military and law-enforcement cyberexperts.
"They've really become the Navy SEALs of cybersecurity, especially for next-generation cybersecurity threats," said GBH Insights analyst Dan Ives.
Lee Foster, manager of information operations analysis at FireEye, said his team works within the company's intelligence outfit, which researches not only "info-ops" — like the Iran-linked social media activity it recently uncovered — but espionage, financial crime and other forms of vulnerability and exploitation. Specialist teams at FireEye focus on particular areas of cyberthreats, each with their own expertise and language capabilities.
"We kind of operate like a private-sector intelligence operation," he said.
FireEye was founded by Ashar Aziz, who developed a system for spotting threats that haven't been tracked before, unlike older companies that sold firewalls or anti-virus programs that block known malware.
Aziz, a former Sun Microsystems engineer, created a system that uses software to simulate a computer network and check programs for suspicious behavior, before allowing them into the network itself.
FireEye raised its profile in 2014 by acquiring Mandiant, known for expertise in assessing damage and tracing the source of cyberattacks. Mandiant founder Kevin Mandia, a former U.S. Air Force investigator, is now FireEye's CEO.
While businesses are spending more on information security, FireEye itself has spent heavily on research, development, sales and marketing. That has led to struggles to remain profitable, as heavy investments offset revenue growth.
Mandia said that during the three months ended June 30, FireEye's email security found 6 million spear-phishing attacks, a type of hacking, and its security products alerted companies of attempts to breach security 29 million times. That's important, Mandia said, because most of FireEye's products are deployed behind their client's existing firewalls or antivirus software, so everything FireEye catches has already evaded other defenses, he said.
"We are the investigators called in when the processes, people, and technology fail to prevent a security breach or incident," he said. "We find the gaps in the security fabric and we find the needle in the haystack."
FireEye Inc.'s second-quarter revenue rose 6 percent to $203 million but it lost $72.9 million, or 38 cents per share. That met Wall Street's expectations, but its shares fell as investors expected more.
That's a common problem in the white-hot cybersecurity sector, which includes competitors like Palo Alto Networks, CloudFlare and Check Point. The companies are facing high expectations as the cybersecurity market booms, fueled by heightened cyberattacks and hacking fears.
"As the space has become more competitive ... profitability and growth has been a challenge for (FireEye)," Ives said.
Still, FireEye's stock jumped 6 percent on Thursday when news broke of its role in uncovering the fake accounts on YouTube, Facebook and Twitter. It was up another 3 percent Friday.
FireEye shares hit their all-time peak of $95.63 on March 5, 2014, a few months after they went public, but began a long decline after that, hitting an all-time low of $10.40 almost exactly three years later on March 14, 2017. In the past month the stock has traded between $14.38 and $16.69.
And the company's reputation continues to grow.
"There are many vendors that play in cybersecurity when you look at some of the very sophisticated threats facing enterprise and governments," Ives said. "FireEye many times gets that first phone call when it comes to assess threat environment for companies."