FireEye Uncovers Key Characteristics to Identify Origin of Advanced Cyber Attacks

Analysis Reveals Previously Unreported Attack Tactic from Chinese “Comment Crew”

FireEye®, Inc., the leader in stopping today’s new breed of cyber attacks, today announced the release of “Digital Bread Crumbs: Seven Clues To Identifying Who’s Behind Advanced Cyber Attacks,” a report that details the most prevalent attack characteristics that can help security professionals identify threat actors and better defend organizations from future advanced cyber attacks. The report also identifies an attack tactic employed by the Chinese military group known as “Comment Crew,” previously linked to targeted attacks against the U.S. government.

“In today’s cyber threat landscape, identifying your enemy is a crucial piece of any defense plan,” said Ashar Aziz, CTO and Founder of FireEye. “When it comes to advanced cyber attacks, finding out who your attackers are, how they work, and what they are after is critical to protecting your data and intellectual property.”

“Digital Bread Crumbs” analyzes advanced attacks to identify the patterns, behaviors, and techniques that comprise an attack’s digital paper trail. The report outlines seven specific attack characteristics – such as attack behavior, malware metadata, or keyboard layout – that can significantly help in attributing specific attacks to a particular country or region.

For example, the report describes the recent analysis of malware metadata, which helped to identify a previously undisclosed attack tactic used by the Chinese “Comment Crew,” a notorious hacker group linked earlier this year to a series of attacks against the U.S. government.

“Attackers give themselves away inside their malware code, phishing emails, command-and-control servers, and even basic behaviors,” said Mr Aziz. “Just as the science of fingerprints, DNA, and fiber analysis have become invaluable in criminal forensics, connecting the dots of a cyber attack can help identify even sophisticated threat actors – if researchers know what to look for.”

Implementing the methods outlined in “Digital Bread Crumbs” will allow security professionals to identify threat actors earlier, and better protect their organizations from advanced cyber attacks.

About FireEye, Inc.

FireEye is the leader in stopping next-generation threats, such as zero-day and APT attacks, that bypass traditional defenses and compromise over 95 percent of networks. The FireEye solution supplements signature-based firewalls, IPS, anti-virus, and gateways, and provides the world’s only cross-enterprise, signature-less protection against Web and email threat vectors as well as malware resident on file shares. It is the industry’s only integrated solution that stops attacks across every stage of an attack lifecycle, from exploit to exfiltration. Using its patented Virtual Execution technology platform across its portfolio, FireEye is uniquely able to protect against next-generation threats. FireEye solutions are deployed in over 40 countries and more than 25 percent of the Fortune 100.