FireEye cyber-attack – some thoughts from Mike Gillespie

News and information from the Advent IM team.

We have been here before; a potentially offensive cyber weapon in criminal and/or hostile nation state hands. Remember Eternal Blue from the NSA, stolen by Shadow Brokers, and the resulting WannaCry and NotPetya Ransomware? Widespread, indiscriminate and in some sectors, devastating. In fact, in some areas of health there was even real risk of threat to life due to unavailability of critical systems.

Granted, that was an offensive cyber weapon from inception, not a tool that was then subverted to become one and we have no idea of the scale of this incident and the capability of the tools stolen; this will unfold in the coming weeks. But we do know that the operation that took place to steal these tools was highly focused and advanced, according to the company blog.

Do not be fooled by the fact that this was a sophisticated, targeted attack into thinking you could not be not a target.

Now is the time to prepare for the potential fall out from this theft. If we think back to what happened in the Eternal Blue aftermath, this time is crucial. Listen to what Mike has to say on the topic and gain some insight into what questions you need to be asking of your cybersecurity team to be ready…

“The art of war teaches us to rely not on the likelihood of the enemy’s not coming, but on our own readiness to receive him; not on the chance of his not attacking, but rather on the fact that we have made our position unassailable.”

Advent IM podcast Risk and Business discussing the impact of the FireEye cyber attack

 

Share this Post