We got 'sucker punched in cyberspace'

Friday, 3 Jan 2014 | 8:30 AM ET
Cybersecurity deal highlights security concerns
Friday, 3 Jan 2014 | 6:52 AM ET
Dave DeWalt, FireEye CEO, and Kevin Mandia, FireEye COO, discuss details of the $1.05 billion deal to acquire computer forensics specialist Mandiant and provide insight on how to prevent hack attacks. The attacks people are suffering today are like being "sucker punched" on the Internet, says Mandia.

Online attacks nowadays like ones that recently hit Target, Snapchat, and Skype are so complex, they're like being "sucker punched in cyberspace," a leading Internet security expert told CNBC on Friday.

In the wake of the theft of information on millions of debt and credit cards from Target, questions have been raised about whether it was an inside job.

Kevin Mandia, the new COO of FireEye, said in a "Squawk Box" interview that it'll be really difficult to tell, because "an outside job looks like an inside job really fast."

"The bad guys break in and then they get the credentials, the users accounts, and the passwords used by the valid users," he said. "So you can't really distinguish between an outsider and an insider once the outsiders break into your networks."

Mandia, a former U.S. Air Force cyberforensics investigator, joined FireEye after the company he founded in 2004, Mandiant, was purchased by the online security company in a billion dollar deal announced Thursday after the closing bell on Wall Street.

Mandiant is best known for unveiling the secret Chinese military unit believed to be behind a series of hacking attacks on U.S. companies.

(Read more: FireEye buys cyberforensics firm for $1 billion)

"Wherever there's conflict there's going to be a cyber component to it, he said, "So if there's an ideological difference between East and West, or terrorist groups and economic Western power, you're going to see a cyber component to that."

FireEye CEO Dave DeWalt—also on "Squawk Box" following the Mandiant deal—said that major attacks on critical infrastructure occur everyday. "We saw the Syrian Electronic Army bring down, obviously, Skype," said DeWalt, the former chief executive of anti-virus software maker McAfee who sold it to Intel.

The hackers who supports Syrian President Bashar Assad claimed responsibility on Wednesday for hacking into the social media accounts of Skype, Microsoft's online calling service.

Meanwhile, the popular disappearing messaging service Snapchat was forced to respond Thursday to allegations that it was hacked, promising an update to its mobile application.

(Read more: Snapchat responds to security breach allegations, promises app update)

The theft of credit cards or intellectual property is serious, Mandia said, "But the thing we worry about in the security industry is attacks that are more nefarious, attacks meant to disrupt business, disrupt perhaps electric grids."

He added destructive acts online that have real physical impact may draw a response that "isn't necessarily going to be in cyberspace. … The deterrent might be something else."

By CNBC's Matthew J. Belvedere. Follow him on Twitter @Matt_SquawkCNBC.

Introducing Morning Squawk: CNBC's before the bell news roundup

Sign up to receive Morning Squawk in your inbox each weekday › Sample

  Price   Change %Change


Contact Technology


    Get the best of CNBC in your inbox

    › Learn More
  • Matt Hunter is the senior technology editor at CNBC.com.

  • Cadie Thompson is a tech reporter for the Enterprise Team for CNBC.com.

  • Working from Los Angeles, Boorstin is CNBC's media and entertainment reporter and editor of CNBC.com's Media Money section.

  • Jon Fortt is an on-air editor. He covers the companies, start-ups, and trends that are driving innovation in the industry.

  • Lipton is CNBC's technology correspondent, working from CNBC's Silicon Valley bureau.

  • Mark is CNBC's Silicon Valley/San Francisco Bureau Chief covering technology and digital media.