The recent hack of FireEye has far reaching implications and will, most likely, persist for a long time. All individuals should be aware of the scope of this breach, but more so, those working in government and dealing with other government agencies. Please take the time to review this article. We have highlighted a few major points.
Although FireEye is one of the largest security service providers, PSAB IT does not use any of their services. Several years ago, FireEye, along with a few competitors, decided to offer an all-encompassing solution whereby you install an agent, like a virus scanner on local computers and the agent not only does virus scanning but also looks for malware, Email spam, DNS filtering, system information on each computer, and other information found on both desktops and some mobile devices. This type of service results in a company like FireEye, having access to absolutely everything stored, sent or received on every machine on which it has been installed. We determined that such a service posed too big of a risk to corporate data/structure, and, instead we opted to create our own monitoring system using various/multiple vendors thereby cutting down on risk and exposure. This is reflected in the various services that staff encounters such as DNS filter, spam filtering, Vipre virus scanner and Malwarebytes. All of those services would be under one “umbrella” if we were using a service like FireEye. For PSAB, each of these programs are separate and distinct, which serves to limit the overall risk and exposure of PSAB for these required and essential services. Having these services separate requires time and management on the part of IT, and sometimes causes minor internal “blips” to staff. We greatly appreciate staff’s understanding and willingness to “put up” with IT and, in this instance, our overly cautious approach has certainly paid dividends.
This breach has the potential to affect almost every American citizen, in some way, and most, if not all, government agencies. The Federal Government has already ordered FireEye software to be remove from systems, however, that is too little too late. Indications are this hack started in the first quarter of 2019 and information has been gathered by “the bad guys” since that time.
Please be diligent and aware that, at some point, you will be affected by this breach. Stay alert and watch for anything suspicious, not just from a PSAB standpoint, but personal as well.
We would also like to take this opportunity to wish all of you a Wonderful Holiday Season! Looks like we are going to need the snow shovels.
