The Link You Just Clicked May Not Be Genuine
Comment of the Day

October 29 2014

Commentary by Eoin Treacy


This article by Leonid Bershidsky for Bloomberg may be of interest to subscribers. Here is a section: 

Thanks to a new report from cybersecurity firm FireEye, we now know exactly how hackers sponsored by the Russian government have gotten access to sensitive information on computer networks owned by NATO, its member countries and former Soviet nations such as Georgia. The methods are sophisticated but, with just a little vigilance, easily fended off.

The report stands out for its insight into how hackers operate. Some security-company reports on alleged Russian hacking have provided valid technical insights; others have been ominous but weak on detail. Together, they have provided a pretty good idea of what malware hackers have used. And they've reported that the various hacker groups used phishing to gain that access: Someone in the target organization had to open an email attachment or click on a link to allow the malware in.

But until now it hasn't been clear what bait hackers have used to induce those fatal clicks. It's easy to say that anyone who clicks on links or opens attachments in unsolicited emails is a fool, but it would be wrong to assume that there are many fools in bureaucracies such as NATO's. People there, and at major companies, get cybersecurity training. So why are the hackers so often able to trick them?

FireEye, based in Milpitas, California, is a major player in the computer security industry. Research by Mandiant, a company it acquired this year for $1 billion, was behind the U.S. indictment of Chinese military hackers last May. FireEye has the resources and the attention to detail required to study hacker attacks from initial penetration through to data theft. So to anyone sitting on sensitive information that could be of interest to government-sponsored hacker groups -- be they Russian, Chinese or American -- FireEye's report on what it calls Advanced Persistent Threat 28 is required reading.  

Eoin Treacy's view

We are accustomed to seeing the major powers perform war games on a relatively regular basis but more recently these operations have been conducted in an unconventional manner where manipulation of the media, cyber warfare and other non-kinetic strategies are being explored. If one military complex is practising these techniques it is reasonable to assume they and others are also actively pursuing such strategies in the background. Offensive cyber strategies remain the preserve of governments, but the corresponding requirement for defensive strategies represents a growth trajectory. 

This report from Gartner Inc focusing on Web Application Firewalls (WAF) is heavy on technical detail but also highlights how tightly held a number of the companies concerned are, and the potential for additional listings as they come to market.


Akamai Technologies has held a progression of higher reaction lows since late 2011 and found support last week in the region of the 200-day MA. A sustained move below $52 would be required to question medium-term scope for additional upside. Cisco Systems has exhibited a similar trajectory since 2011.

Check Point Software remains a clear leader in the cyber security sector and broke out to new highs this week. A sustained move below the 200-day MA currently near $65 would be required to question medium-term scope for additional upside. 

Intel found support last week in the region of the 200-day MA and has bounced impressively. Some consolidation is a possibility but a sustained move below the trend mean would be required to question medium-term scope for additional upside.  


EMC Corp has been ranging with a mild upward bias for nearly four years and bounced last week from the region of the 200-day MA. A sustained move above $30 would reassert the medium-term uptrend. Radware has a broadly similar pattern.

Verint Systems remains in a steep but so far consistent uptrend. 


Among companies that have IPOed in the last year, both Barracuda Networks and FireEye are firming from the lower side of their respective ranges.

 
