FireEye CEO David DeWalt explained that threat actors are targeting IT giants for source code and highlighted the importance to adopt new security model.
Phishing is a common practice in the hacking community, despite the level of awareness of the threat is high, the efficiency of the attacks is still significant. As highlighted in the last APWG report, the efficiency and the volume of phishing activities continue to increase making phishing one of the most dangerous cyber threats.
FireEye CEO David DeWalt, during a keynote speech at the MIRcon cyber security conference, has explained that phishing represents a serious threats for IT giants like Microsoft, Apple, Oracle and Adobe.
David DeWalt explained that FireEye has detected an alarming surge in cyber attacks targeting technology companies, threat actors appear to be more interested to source code and intellectual property of the victims.
“The [threat actors] are focused on high value targets and one of the most breached areas we see is high tech. [We’re seeing them] go for source code as if they can get the source code and find a hole to get round [users’] defences,” DeWalt said.
“Using malicious email, using web, using mobile applications they’re trying to lure [victims] to a credential-stealing tool. The amount of activity we see going for the big technology platforms – Microsoft, Apple, Adobe, Oracle – is huge.”
DeWalt highlighted that independently from the category of attackers, cyber criminals or state-sponsored hackers, the Tactics, Techniques and Procedures (TTP) are becoming even more sophisticated and effective.
FireEye is very active in the analysis of cyber threats, its experts recently have uncovered numerous APTs operating worldwide and targeting private companies and government entities. The acquisition of Mandiant Intelligence firm has completed the competencies of the company that today is a landmark in activities of threat intelligence, and the company embodies the temperament and the vision of its CEO.
DeWalt explained that almost every company suffer cyber attacks that can potentially harm their operations, a portion of breached companies is still not able to identify the threats for too long. Unfortunately, in many cases the same companies fail for long periods to identify the threat within their own systems with devastating consequences.