FireEye, Inc., the leader in stopping today’s new breed of cyber attacks, today announced the release of “Digital Bread Crumbs: Seven Clues To Identifying Who’s Behind Advanced Cyber Attacks,” a report which details the most prevalent attack characteristics that can help security professionals identify threat actors and better defend organizations from future advanced cyber attacks. The report also identifies an attack tactic employed by the Chinese military group known as “Comment Crew,” previously linked to targeted attacks against the U.S. government.
“In today’s cyber threat landscape, identifying your enemy is a crucial piece of any defense plan,” said Ashar Aziz, CTO and Founder of FireEye. “When it comes to advanced cyber attacks, finding out who your attackers are, how they work, and what they are after is critical to protecting your data and intellectual property.”
“Digital Bread Crumbs” analyzes advanced attacks to identify the patterns, behaviors, and techniques that comprise an attack’s digital paper trail. The report outlines seven specific attack characteristics – like attack behavior, malware metadata, or keyboard layout – that can significantly help in attributing specific attacks to a particular country or region.
For example, the report describes the recent analysis of malware metadata, which helped to identify a previously undisclosed attack tactic used by the Chinese “Comment Crew,” a notorious hacker group linked earlier this year to a series of attacks against the U.S. government.
“Attackers give themselves away inside their malware code, phishing emails, command-and-control servers, and even basic behaviors,” said Mr Aziz. “Just as the science of fingerprints, DNA, and fiber analysis have become invaluable in criminal forensics, connecting the dots of a cyber attack can help identify even sophisticated threat actors – if researchers know what to look for.”
Implementing the methods outlined in “Digital Bread Crumbs” will allow security professionals to identify threat actors earlier, and better protect their organizations from advanced cyber attacks.