WASHINGTON DC: Hackers are phishing for the source code of numerous tech companies, including Microsoft, Apple, Oracle and Adobe, for use in future advanced, targeted attacks, according to FireEye CEO David Dewalt.
Dewalt (pictured below) made the claim during a keynote speech at the MIRcon cyber security conference attended by V3, claiming that the firm has detected an alarming spike in attacks targeting technology companies.
"The [hackers] are focused on high value targets and one of the most breached areas we see is high tech. [We're seeing them] go for source code as if they can get the source code and find a hole to get round [users'] defences," he said.
"Using malicious email, using web, using mobile applications they're trying to lure [victims] to a credential-stealing tool. The amount of activity we see going for the big technology platforms - Microsoft, Apple, Adobe, Oracle - is huge."
Dewalt said that the news is disturbing as developments in the cyber crime and state-sponsored hacking community mean that the attacks are becoming increasingly effective.
"We've never seen such a dislocation between offence and defence. The balance has never been wider. The offensive community is so advanced the defence workers are playing catch up. We're tracking hundreds of groups from hundreds of countries engaged in cyber activity," he said.
"Now 97 percent of organisations are breached; 1,279 companies we deal with have evidence of breach. Of those, 76 percent saw the breach and saw the malware."
The FireEye chief highlighted companies' ongoing reliance on layered security models, which he said are ill-suited to deal with multi-layered attacks.
"We're fortunate at FireEye to be involved with customers in 60 countries. In most we're seeing the same defence culture - let's put many layers of defence in place from as many vendors as possible to catch the bad guys," he said.
"We're seeing massive holes in this architecture that mean every day people are being breached. [Hackers] are getting through hundreds of millions of dollars worth of defence spending. The effectiveness of the defence is not indicative of the spend."
Dewalt said that firms will have to rethink their security strategies to deal with the increased threat and focus on threat intelligence and analytics as well as perimeter defence. FireEye is one of many security firms and government agencies calling for organisations to rethink their security practices.
Interpol opened a Global Complex for Innovation information centre on 1 October in a bid to centralise and co-ordinate anti-cyber crime efforts at security firms, law enforcement agencies, academia and wider industries.
FireEye launched an Advanced Threat Intelligence tool on 18 September designed to help firms deal with the next-generation, multi-layer threats detailed by DeWalt.
Finding refutes many earlier studies that suggest that galaxies don't have much dark matter at the time of their birth
Boris the robot outed as man in rented robot suit
Mission will provide vital data about the performance of rocket, spacecraft, autonomous docking system and the landing system
The flight will take off from California's Mojave Air and Space Port and could happen as soon as 13th December