FireEye:Tech firms' secret weapon against disinformation
By Mae Anderson
AP TECHNOLOGY WRITER
NEW YORK- Lastweek saw major social media sites step up their policing of online disinformation campaigns.
Google disabled dozens of YouTube channels and other accounts linked to a state-run Iranian broadcaster running a political- influence campaign.
Facebook removed 652 suspicious pages, groups and accounts linked to Russia and Iran. Twitter took similar action soon after.
What did they have in common? The security firm Fi re Eye .
Best known for its work on high-profile cyberattacks against companies including Target, JPMorgan Chase and Sony Pictures, FireEye is emerging as a key player in the fight against election interference and disinformation campaigns.
Founded in 2004, FireEye is based in Silicon Valley and staffed with a roster of former military and law-enforcement cyberexperts.
'They've really become the Navy SEALs of cybersecurity, especially for next-generation cybersecurity threats,' said GBH Insights analyst Dan Ives.
Lee Foster, manager of information operations analysis at FireEye, said his team works within a company's intelligence outfit, which researches not only 'info-ops' - like the Iranlinked social media activity it recently uncovered - but espionage, financial crime and other forms of vulnerability and exploitation. Specialists at FireEye focus on particular areas, each with their own expertise and language capabilities.
'We kind of operate like a private-sector intelligence operation,' Foster said.
FireEye was founded by Ashar Aziz, who developed a system for spotting threats that haven't been tracked before, unlike older companies that sold firewalls or anti-virus programs that block known malware.
Aziz, a former Sun Microsystems engineer, created a system that uses software to simulate a computer network and check programs for suspicious behavior before allowing them into the network itself.
FireEye raised its profile in 2014 by acquiring Mandiant, known for expertise in assessing damage and tracing the source of cyberattacks. Mandiant founder Kevin Mandia, a former Air Force investigator, is now FireEye's CEO.
While businesses are spending more on information security, FireEye itself has spent heavily on research, development, sales and marketing. That has led to struggles to remain profitable, as heavy investments offset revenue growth.
Mandia said that during the three months ended June 30, FireEye's email security found 6 million spear-phishing attacks, a type of hacking, and its security products alerted companies of attempts to breach security 29 million times. That's important, Mandia said, because most of FireEye's products are deployed behind existing firewalls or antivirus software, so everything FireEye catches has already evaded other defenses, he said.
'We are the investigators called in when the processes, people and technology fail to prevent a security breach or incident,' he said. 'We find ... the needle in the haystack.'
FireEye Inc.'s second- quarter revenue rose 6 percent to $203 million, but it lost $72.9 million, or 38 cents per share. That met Wall Street's expectations, but shares fell as investors expected more.
That's a common problem in the white-hot cybersecurity sector, which includes competitors like Palo Alto Networks, CloudFlare and Check Point. The companies are facing high expectations as the cybersecurity market booms, fueled by heightened cyberattacks and hacking fears.
FireEye's stock jumped 6 percent on Thursday when news broke of its role in uncovering the fake accounts on YouTube, Facebook and Twitter. It was up another 3 percent Friday.