FireEye releases a free tool that audits networks to determine whether certain techniques known to be employed by SolarWinds hackers were used. ( Catalin Cimpanu / ZDNet)
By analyzing the behavior of these types of attacks, FireEye hopes to identify potential flaws in network security so that organizations can better protect themselves. After a massive data breach, FireEye released a free tool to determine how attackers got inside a network. This is an excellent example of a content marketing campaign that leverages the content and means of another brand to produce an effective marketing campaign. FireEye, a cybersecurity company, could not afford to let such a breach happen. Their solution was to release a free tool that audited networks to determine if they were breached. In the end, the free tool proved to be very valuable to their customers.
What is a FireEye?
FireEye, Inc. (NASDAQ: FEYE) is a global leader in cyber security. Founded in 2002, the company has more than 2,000 employees worldwide. The company provides cyber-security services to help organizations prevent, detect, investigate, and respond to cyber threats. FireEye is a cybersecurity firm that specializes in the protection of the enterprise. Its primary products include network and endpoint security, data loss prevention, and cloud security, but it also offers products focused on mobile security. Their goal is to help organizations protect themselves from the threats they face, including advanced persistent threats (APTs), zero-day attacks, malware, spam, phishing, and cybercrime. Their business model is to protect companies from cyberattacks using their cloud security platform.
How does FireEye free tool that audits networks to determine certain techniques?
A few years ago, FireEye released a free tool that allows organizations to audit network traffic for unusual behavior. A company could run this tool against its internal network, compare the results against its known bad guys, and see if any of the known bad guys’ attacks had made it into the network. The tool is designed to help detect malware, botnets, spyware, and phishing attacks. The device, dubbed NetworkSight, is designed to detect and monitor certain network activities, including “anomalous activity,” like malware attacks. According to the company, NetworkSight can be used as an additional layer of security on top of current defenses, providing organizations with an extra layer of protection against advanced persistent threats (APTs) and other malicious network activity. The tool detects activity in two areas: data exfiltration and lateral movement across the network.
How can SolarWinds hackers employ the FireEye free tool?
FireEye said the hackers used two sets of tools to compromise the network. One toolset is related to FireEye’s products, including one that scans and detects security threats. Another set of tools relates to common hacking techniques, including those used to steal credit card numbers. Both groups of devices use the same infrastructure. While most cybercriminals are more interested in taking advantage of data breaches, the SolarWinds hack showed that cybercriminals could be creative and resourceful regarding their attack methods. SolarWinds has a unique form of detecting advanced threats called ThreatCloud, which uses a unique approach to seeing suspicious network behavior and suspicious files. The threat researchers from FireEye created a tool that could be used to exploit the vulnerability that the hackers used.
Conclusion
In conclusion, FireEye’s analysis was only possible due to the unique nature of the attack method, which relies on a unique combination of techniques that the company has yet to see. Once a network is compromised, it’s nearly impossible to spot how an attacker could have breached it. A forensic analysis must reveal these methods to find a way into the network and determine whether they were used. To get a snapshot of an attacker’s tactics and techniques, we must look deeper than the surface and analyze the network at the deepest level.
FAQS
1. What is FireEye doing to stop the attacks?
FireEye is working with its customers to help them protect their networks from attacks.
2. What can be done to protect against these attacks?
FireEye recommends that you check your systems for the above techniques.
3. Why is FireEye releasing the tool?
FireEye released the tool to help security professionals identify and protect their customers from SolarWinds attacks.
4. What does FireEye do?
FireEye is an independent security research company that provides solutions to help organizations detect and respond to targeted attacks.
