In an ever more digital world, threats of computer borne attacks have become sadly commonplace. 70 million Target customers had their personal information compromised in December and a similar attack on customers of White Lodging, a company that manages some well known hotels, was announced this week. Many aren’t even safe at home where personal information stored on your own computer may fall victim to hackers.
One reason this might be such a growing problem is an outdated plan to combat such attacks. David DeWalt is the CEO of FireEye (FEYE), a cutting edge computer security firm that is changing the way we’re protected online.
“If you look at the last two decades we’ve primarily had one detection model. Everybody knows that, it’s called anti-virus,” DeWalt points out. “It’s all about pattern matching and writing code to look for viruses and matching patterns to block attacks that are occurring...What’s happened today is that the adversaries are much more well funded, their techniques are much more complex and they easily evade this 20 year old model.”
So what does FireEye and other firms like them offer that the more traditional security firms like McAfee (DeWalt is their former CEO) and Symantec don’t?
“[FireEye’s] approach uses virtual machines [which] study behavior of applications or web pages or mobile apps, and they study them and look for deviant behavior. If there’s the slightest six sigma deviation it can block or detect a threat that could be occurring - so a very different model.
DeWalt describes it as a much more proactive approach. One that doesn’t wait for the attack to occur but rather hopes to stop it before it does any damage. An added benefit that FireEye’s competitors don’t have, says DeWalt is that “virtual machines can communicate in real time. So if there’s an attack in one location somewhere in the world all the other virtual machines can learn from it within minutes.”
The FireEye chief won’t comment specifically on the Target breach or others like it, but says their technology is “very well versed in those types of attacks. Our virtual machines do detect these ‘advanced persistent threats.’ These types of anomalies that are occurring in the networks of the large retailers are things that the FireEye product does detect, does block, and we are very conscious about how to prevent those things from occurring.”