Please fill in the form below to subscribe to our blog

3 Lessons Learned from the FireEye Breach

December 10, 2020
the FireEye breach and nation state hacking represented by a world map in blue-green.

The FireEye Breach and Fallout Demonstrates Key Facts About Cybersecurity in 2020


A massive breach at cybersecurity giant FireEye sent shockwaves around the industry. Known for creating cutting-edge cybersecurity technology and pioneering cybersecurity strategies, an incident like this was shocking to many. But there are several important lessons to be learned from the FireEye breach that illustrate important lessons for every company to learn about how cybersecurity has evolved in 2020.


What Happened at FireEye?


Earlier this week, FireEye reported in an SEC filing that it had experienced a major, devastating data breach. The incident, described as a surgically precise strike that was specifically designed and carried out to breach FireEye’s unique defenses, was attributed to (likely Russian) nation-state hackers. In the ensuing breach, these hackers were able to steal several of FireEye’s specialized security tools.

We’ll never know the whole story of what happened and how due to the sensitive nature of much of the material and the parties involved, but even a surface examination teaches us a few important lessons about cybersecurity and threats in today’s tumultuous landscape, and show us a few ways that businesses can protect themselves. BOOK YOUR PERSONALIZED DEMO>>



Nation-State Hackers Are Just Getting Started


It’s important to note that the trajectory of nation-state attacks is only heading up. The first half of 2020 saw 41,000 intrusions, a higher figure than the 35,000 detected during all of 2019. Over 30% of companies were targeted by nation-state actors in 2020. That means that it’s essential for every company to be ready to defend against technology like TrickBot and the other hazards that these hackers are bringing to your door.

One of the most favored tools of these state-sponsored cybercriminals is ransomware. While ransomware is typically used to steal data, it’s also growing in popularity as a way to disrupt operations. Ransomware deployed by nation-state gangs has shut down transportation systems, closed hospitals, disrupted essential medical research, and brought manufacturing around the world to a halt, and that’s not stopping.

Protecting your business from phishing is a modern essential, but it’s even more crucial as part of a defense plan to guard against nation-state attacks powered by ransomware. Your staff needs to be aware of what to look for and what to do if they encounter a suspected nation-state phishing email. Increased phishing resistance training using Bullphish ID can help teach your staff about the latest tactics, transforming them from your biggest security risk into your biggest security asset. SEE A DEMO VIDEO OF BULLPHISH ID>>



Cybercrime Can Happen to Anyone


No company is immune to cybercrime, no matter how big or sophisticated it may be. This attack was specifically planned and executed just to break through FireEye’s defenses, but thousands of smaller attacks are launched by nation-state hackers every day against companies of every size.

It’s also important to note that a company can be doing everything right and using the most advanced technology in the world, and determined, skilled hackers can still slip in, especially in highly targeted sectors like healthcare. But it’s not difficult to make their job harder by throwing up roadblocks that cost them time and effort – and it could be the one factor that makes your company a less attractive target.

A secure identity and access management solution like Passly is a major CISO priority in 2021 for exactly that reason. This multifunctional solution stops most hackers in their tracks by adding password protections through multifactor authentication and allowing for easy quarantine of compromised accounts by adding single sign-on launchpads especially tailored for every user. Adding Passly adds essential protection to your access points that is in line with recommended cybersecurity best practices as well as checking off compliance boxes in many industries. SEE A DEMO VIDEO OF PASSLY>>



Transparency Enhances Credibility


One excellent choice that FireEye made in this situation was to choose transparency over obfuscation. Lying about a cybersecurity incident or downplaying it isn’t a smart move. Just as there are thousands of photographers watching to tell the world about a celebrity in a compromising position, there are also thousands of cybersecurity analysts waiting to tell the world that you’ve had a breach. Building transparency into your incident response plan can smooth the way to recovery.

Transparency and honesty in these situations is the absolute best choice. Dancing around the truth, flatly denying it, or failing to address it at all are terrible ways to handle a breach. That leaves your customers wondering about things like “If you’re willing to lie about that, what else are you being dishonest about?” Even if your incident was caused by a blunder that your company made, own up to what happened and show that you’re taking smart steps to address the problem and improve security around that flaw.

Dark Web ID goes a long way toward helping businesses accomplish that goal. Part of preventing cybersecurity disasters for a company is collecting and analyzing threat intelligence. One of the most obvious but ignored threats is the easy access that cybercriminals including nation-state hackers have to huge lists of compromised passwords on the Dark Web, with more arriving daily. Put Dark Web ID on the job to make sure your company’s credentials aren’t on any of those lists. SEE A DEMO VIDEO OF DARK WEB ID>>

Contact the experts at ID Agent today for an assessment of your company’s security needs and a live demo of how our solutions can help secure your business and your clients against today’s biggest threats including nation-state cybercrime.