Cyber security deal highlights threats from spying

Hannah Kuchler and Richard Waters

Mandiant, a U.S. cyber security company at the forefront of fighting a new wave of cyber attacks, has been bought for more than $1 billion, in a deal that highlights the growing concern about government-backed online spying from China and the U.S. National Security Agency.

In the largest U.S. cyber security deal in recent years, FireEye, a New York-listed cyber threat detection company, has acquired Mandiant, the security technology company that last year accused the Chinese military of hacking more than 100 U.S. companies.

(Read more: Cyberthreats on the rise, says McAfee Labs report)

David De Walt, chairman and chief executive of FireEye, said the revelations of the NSA mass surveillance program and Mandiant's report on Chinese hackers had "accelerated business opportunities" for the company.

Maciej Frolow | Photographer's Choice RF | Getty Images

"A lot of companies, organisations and governments said 'look how pervasive these superpowers are in monitoring and stealing from these companies'," he said. "There is an accelerating awareness that just wasn't there a year ago."

Mr DeWalt, who was chief executive of McAfee and sold the antivirus software maker to Intel in 2010, said FireEye and Mandiant were the forefront of a new generation of cyber security protection that would replace the older antivirus model.

(Read more: With new malware, you have to pay to get your files back)

FireEye could respond in "seconds or minutes" to the advanced threat posed by, for example, a "particularly nasty nation state attacker," and then pass the issue – malware, for example – to Mandiant to "fix in real time", he said.

The deal, for more than $900 million in FireEye stock at Thursday's price and $106.5 million cash, is the largest cyber security deal for at least three years, according to Dealogic, the acquisitions research firm. The number of cyber security deals in the United States doubled in 2013, with 10 compared with five each year in 2012 and 2011.

McAfee's top security threats for 2014
McAfee's top security threats for 2014

Kevin Mandia, Mandiant's founder and a former U.S. military cyber crime investigator, said that when he started the firm in 2004, its message that security breaches were inevitable and companies had to work on eliminating the consequences "did not fly".

With venture capital reluctant to invest in the idea, he funded the business himself. "Now it is absolutely generally accepted that you cannot solely rely on preventive services," said Mr Mandia, who will become FireEye's chief operating officer.

To speed up their response to threats, the companies profile hackers and try to predict the types of malware they will try to load on to a machine, much as detectives spot patterns in the behaviors of criminals.

(Read more: Hackers' next target? Maybe your facility's control systems)

"On the front line of the cyber battlefield you have to be able to say . . . it is these guys in St Petersburg who normally use these 18 pieces of malware," Mr Mandia said. He added that, five years ago, when companies focused on antivirus programs, it could take months to discover hackers had accessed a network.

Mandiant started as a security consultancy service but has since developed its own software to help protect against advanced persistent threats such as nation state attacks. More than 30 percent of the Fortune 100 have used Mandiant's services when their computers have been hacked.

More from the Financial Times:

Russian cyber criminal attacks BBC
PM's security adviser urges tougher rules
Government suppliers face cyber vetting

The company generated more than $100 million in sales in 2013, 95 percent in North America and more than half from software sales.

Mandiant raised money in 2011 from One Equity Partners, the private investment arm of JPMorgan Chase and Kleiner Perkins Caulfield & Byers, the Silicon Valley venture capital firm.

Shares in FireEye, which have risen 18 percent since it listed in September 2013, jumped more than 22 percent to $50.50 in after-hours trading on Thursday after the deal was announced.