Malware used by the United States in offensive cyber-operations plays “nice” when compared to other nation-state malware, according to FireEye CEO Kevin Mandia.
Speaking at the Cyber Threat Intelligence Forum produced by Scoop News Group on Thursday, Mandia said when FireEye analyzes malware from state-backed hackers, the company usually finds elements of public policy baked into operations. Certain tells in the malware’s behavior or the code itself can be indicative of which state is behind it.
“We find malware that sometimes has a time to live and then it doesn’t run anymore. I wonder who would do that,” Mandia said on stage. “Probably [the U.S.] because we’re the nicest hackers in cyberspace, besides maybe China.”
The U.S. and China are more disciplined in their operations than adversaries like North Korea and Russia, who are instead unrestrained, he said.
“We see guardrails on malware from nations like the United States, but do we see guardrails on malware from Russia? No.”
“My gut, just pure gut, not fact based — [U.S. Cyber Command] will probably break the niceties,” Mandia told CyberScoop. “In cyberspace, everyone else is breaking [laws]. Nobody wants to over escalate, however the next war will be fought with a cyber component. We’ll have to be ready for that.”