FireEye is tech firms’ weapon against disinformation, staffed with ‘the Navy SEALs of cyber security’

FireEye's heavy spending on research, development, sales and marketing has led it to struggle to remain profitable.
(Rafe Swan / Getty Images/Cultura RF)
Associated Press

This week, major social media companies stepped up their policing of online disinformation campaigns.

Google disabled dozens of YouTube channels and other accounts linked to a state-run Iranian broadcaster running a political-influence campaign.

Facebook removed 652 suspicious pages, groups and accounts linked to Russia and Iran.

Twitter took similar action shortly thereafter.

What did they have in common? The security firm FireEye Inc.

Best known for its work on high-profile cyberattacks against companies including Target, JPMorgan Chase and Sony Pictures, FireEye is emerging as a key player in the fight against election interference and disinformation campaigns.


Based in Milpitas, north of San Jose, FireEye is staffed with a roster of former military and law-enforcement cyber experts.

“They’ve really become the Navy SEALs of cyber security, especially for next-generation cyber security threats,” GBH Insights analyst Dan Ives said.

Lee Foster, manager of information operations analysis at FireEye, said his team works within the company’s intelligence outfit, which researches not only “info-ops” — like the Iran-linked social media activity it recently uncovered — but also espionage, financial crime and other forms of vulnerability and exploitation. Specialist teams at FireEye focus on particular areas of cyber threats, each with its own expertise and language capabilities.

“We kind of operate like a private-sector intelligence operation,” he said.

FireEye was founded in 2004 by Ashar Aziz, who developed a system for spotting threats that haven’t been tracked before, unlike older companies that sold firewalls or anti-virus programs that block known malware.

Aziz, a former Sun Microsystems engineer, created a system that uses software to simulate a computer network and check programs for suspicious behavior, before allowing them into the network itself.

FireEye raised its profile in 2014 by acquiring Mandiant, known for expertise in assessing damage and tracing the source of cyberattacks. Mandiant founder Kevin Mandia, a former U.S. Air Force investigator, is now FireEye’s chief executive.


While businesses are spending more on information security, FireEye itself has spent heavily on research, development, sales and marketing. That has led to struggles to remain profitable, as heavy investments offset revenue growth.

FireEye reported this month that its second-quarter revenue rose 6% to $203 million, but it posted a loss of $72.9 million, or 38 cents per share. That met analyst expectations, but it seems investors expected more: The company’s shares fell.

That’s a common problem in the white-hot cybersecurity sector, which includes competitors such as Palo Alto Networks, CloudFlare and Check Point. The companies are facing high expectations as the cyber security market booms, fueled by heightened cyberattacks and hacking fears.

“As the space has become more competitive, profitability and growth has been a challenge” for FireEye, Ives said.

Still, FireEye’s stock jumped 5.8% on Thursday when news broke of its role in uncovering the fake accounts on YouTube, Facebook and Twitter. It climbed an additional 3.9% on Friday to close at $16.37 a share.

And the company’s reputation continues to grow.

“There are many vendors that play in cyber security when you look at some of the very sophisticated threats facing enterprise and governments,” Ives said. “FireEye many times gets that first phone call when it comes to assess threat environment for companies.”


Anderson writes for the Associated Press.


1:55 p.m.: This article was updated with FireEye shares’ closing price.

This article was originally published at 12:30 p.m.