Industry Perspectives Blog

In Case You Missed It: FireEye Top Stories 10-23


1.  All About Response: Charles Carmakal, VP, discussed why consequences of targeted attacks may go unnoticed. In an article in Business Value Exchange, he said, “Breaches orchestrated by foreign governments are more sophisticated than commodity attacks and mostly go unreported.” He advised that a well-prepared executive requires a compromise assessment, incident response, and managed advanced threat protection services to deal with cyber security attacks.

2.  Protect What Matters: A new series on cyber insurance on the FireEye blog began with the basics: what works and what doesn’t, and which key considerations to keep in mind. Author Mark Massey reminds readers that insurance isn’t a standalone option — it has its place among the tools to minimize risk in today’s threat landscape.

3.  CIA Chief Breached: WikiLeaks published records allegedly belonged to CIA Chief John Brennan. Hackers accessed his non-government email accounts, which Brennan used occasionally for intelligence-related projects. Leaked documents include contact lists, draft reports, memos and papers.


4.  It’s All in How You Look at It: Josh Goldfarb, FireEye CTO – Americas, published an article on security from the user perspective. The piece in Dark Reading discussed how defensive efforts are typically centered on the systems rather than the people they’re designed to protect. Goldfarb said by shifting perspectives, we can correlate activity by user rather than by system — enabling us to better identify and analyze activity that needs to be further investigated.


5. Facebook and Nation-State Attacks: Facebook has now promised to notify users if nation-state attackers appear to be targeting their account. In a Trusted Reviews article, Jason Mueller, FireEye chief security strategist, said the data available on social networks like Facebook and LinkedIn offers attackers a way to learn about their potential victims. That  information can maximize the chance that their target will click on a malicious link or attachment. Tony Cole, FireEye CTO, commented too, saying, “Compromising these individuals could lead to the later breach of their high-value employers or friends."