Its report, "Digital Bread Crumbs: Seven Clues to Identifying Who’s Behind Advanced Cyber Attacks," details specific characteristics, such as attack behavior, malware metadata or keyboard layout, that, when analyzed, can uncover information on an attack's originating region or country, FireEye said.
“In today’s cyber threat landscape, identifying your enemy is a crucial piece of any defense plan,” said Ashar Aziz, chief technology officer and founder of FireEye.
“When it comes to advanced cyber attacks, finding out who your attackers are, how they work and what they are after is critical to protecting your data and intellectual property.”
The report also described a common attack campaign used by a Chinese military cyber group implicated in a spate of recent attacks on U.S. websites, which FireEye said it identified by taking a closer look at malware code.
“Attackers give themselves away inside their malware code, phishing emails, command-and-control servers, and even basic behaviors,” Aziz said, adding that analysis will provide the clues “if researchers know what to look for.”