In his more than 20 years responding to cyberbreaches, Kevin Mandia, the CEO of enterprise-facing cybersecurity company FireEye, has learned one key, overarching thing about cyberattacks.
“If you’re in the United States and you hack a company, you’re going to get caught, so you have to live in a safe harbor,” Mandia said. “You almost have to be condoned, you have to be supported, and many of the attacks we respond to, there are, in fact, people in uniform conducting the attacks against our companies.”
Mandia, whose company was hired by both Facebook and Google to help identify disinformation campaigns, said that while hackers still frequently target individuals, most hacks surveyed by FireEye in the last year had ties to foreign government entities.
“We responded to over 600 breaches last year,” Mandia said. “I would say over 80 percent of them were state-sponsored or state-condoned, meaning the heads of the state or the heads of certain agencies of that state knew the attacks were ongoing, but there’s no risk or repercussions to the attackers.”
Mandia’s statements come at a time when cyberattacks on both Wall Street and Main Street, with tech giants warning consumers about the billions of cyberattacks that happen every day and others fretting about how cyber-warfare could affect the 2018 midterm elections.
One of Mandia’s top concerns was the lack of “segregation” between government, enterprise and individuals’ networks, he said, cautioning that as the lines are blurred, hackers will likely go after more vulnerable targets and cause malware to “ripple” out through various systems.
“We’re all blending together into this big mesh network and it could be the strategy of the adversaries to go after the softer targets,” he warned. “If you hack every elementary school in a certain state, that means maybe employees aren’t going to work that day, and then it ripples out from there.”
And state-sponsored hacks from nations like Iran, with which U.S. representatives clashed at the United Nations General Assembly on Tuesday, are nowhere near quieting down, the FireEye chief said.
“We first responded to Iran in 2007, 2008, and they just looked like they had just gotten out of the classroom. They weren’t very good in offensive cyber, but they’ve had 10 years now,” he told Cramer.
“You know for a fact they had an agenda to get good at asymmetric warfare. Cyberattacks are, in fact, asymmetric,” Mandia continued. “They’re not going to meet us on a battlefield with a bunch of tanks, … they’re going to meet us in cyberspace. And from the attacks we’re observing, I kind of dub 2017 the year of Iran.”
Shares of FireEye climbed on Tuesday, settling up 4.18 percent at $17.21.