FireEye Uncovers Key Characteristics to Identify Origin of Advanced Cyber Attacks

Analysis Reveals Previously Unreported Attack Tactic from Chinese “Comment Crew”

FireEye®, Inc., the leader in stopping today's new breed of cyber attacks, today announced the release of “Digital Bread Crumbs: Seven Clues To Identifying Who’s Behind Advanced Cyber Attacks,” a report which details the most prevalent attack characteristics that can help security professionals identify threat actors and better defend organizations from future advanced cyber attacks. The report also identifies an attack tactic employed by the Chinese military group known as “Comment Crew,” previously linked to targeted attacks against the U.S. government.

“In today’s cyber threat landscape, identifying your enemy is a crucial piece of any defense plan,” said Ashar Aziz, CTO and founder of FireEye. “When it comes to advanced cyber attacks, finding out who your attackers are, how they work, and what they are after is critical to protecting your data and intellectual property.”

“Digital Bread Crumbs” analyzes advanced attacks to identify the patterns, behaviors, and techniques that comprise an attack’s digital paper trail. The report outlines seven specific attack characteristics - like attack behavior, malware metadata, or keyboard layout – that can significantly help in attributing specific attacks to a particular country or region.

For example, the report describes the recent analysis of malware metadata, which helped to identify a previously undisclosed attack tactic used by the Chinese “Comment Crew,” a notorious hacker group linked earlier this year to a series of attacks against the U.S. government.

“Attackers give themselves away inside their malware code, phishing emails, command-and-control servers, and even basic behaviors,” said Mr. Aziz. “Just as the science of fingerprints, DNA, and fiber analysis have become invaluable in criminal forensics, connecting the dots of a cyber attack can help identify even sophisticated threat actors — if researchers know what to look for.”

Implementing the methods outlined in “Digital Bread Crumbs” will allow security professionals to identify threat actors earlier, and better protect their organizations from advanced cyber attacks.

Click here for the full report, “Digital Bread Crumbs: Seven Clues To Identifying Who’s Behind Advanced Cyber Attacks

About FireEye, Inc.

FireEye® has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors, including Web, email, and files and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 1,000 customers across more than 40 countries, including over one-third of the Fortune 100.

Media Contact

Katherine Nellums



# # #

FireEye is a registered trademark of FireEye, Inc. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.