Cybersecurity Firms Ditch Defense, Learn to ‘Hunt’ : NPR
The most challenging cyberattacks these days come from China and target Western firms’ trade secrets and intellectual property. But a problem for some is a business opportunity for others: It’s boom time for cybersecurity firms that specialize in going after Chinese hackers.
“It’s the next big thing,” says Richard Stiennon, an industry analyst who specializes in information security firms.
‘An Adversary Problem’
One of the top competitors in this sector is Mandiant, a company founded in 2004 by Kevin Mandia, a former Air Force officer with a background in security consulting. The company distinguished itself early by helping companies learn more about who was attacking them, as opposed to protecting the companies from the malicious software, or malware, the attackers were using.
“We said, ‘It’s not a malware problem, it’s an adversary problem,’” Mandia says. The adversary he and his colleagues focused on from the start was China, the source of the most costly attacks affecting his customers.
In contrast with what he calls “the protection guys” in other security firms, Mandia and his colleagues emphasized intelligence gathering. They studied actors responsible for what cybersecurity officials euphemistically called “advanced persistent threats,” or APTs, a term that generally refers to cyberattacks emanating from China.