Imagine being a security analyst. Your job would be to keep an eye on the hackers, right? And to make sure they don’t do anything too drastic? But what do you do when you become a target of the people you were supposed to be watching? What do you do if they find your personal information and leak it out in the world?
Mandiant Security Company in Virginia and one of its employees, Adi Peretz, have experienced this scenario after a full year of hackers being inside of his computer.
The Senior Threat Intelligence Analyst Adi Peretz became a victim of the so-called #LeakTheAnalyst Operation, behind which are hackers who are trying to strike back at security industry. The entirety of Peretz’s email inbox has been leaked, as well as various Mandiant and FireEye documents meant for the use of staff only.
LinkedIn profile of a Mandiant employee. 😐 pic.twitter.com/3WpWiXGjvs
— Rickey Gevers (@UID_) July 31, 2017
The company Mandiant has been bought by FireEye for around $1 billion in 2014 and its prime focus is digital forensics.
The information that has been released during this hack has been proven very, very sensitive – it includes network topologies, company worksheets as well as threat intelligence profiles for the Israeli Defense Forces.
But most of the leaked information is about the security expert himself. The hackers tracked Peretz through Windows Find My Device feature that was linked to Peretz’s Surface Pro laptop. The hackers also leaked his LinkedIn page, exposing sensitive information. The profile has been deleted since.
The hackers gave a sort of explanation for their behavior at the end of the Pastebin that announced the leak. They spoke of it not being understood how hard it is to break into a highly secured firm, avoid all the security measures, and code and hack not for the money but for the pleasure of being somewhere no one else can be in.
They spoke of security analysts spoiling their plans and destroying their planned breaches, and how the hackers used to avoid them for a long time, but now they have turned against them and started the Operation #LeakTheAnalyst and decided to find every and any possible information about the experts and expose it to the public. They decided to go after their reputation, their countries, and basically everything they’ve got, finishing the note with saying that they only consider the operation to be a side job.
This hasn’t been the first time the security analysts and researchers have been the target of hackers’ attacks, but it still made many of them scared of their own information leaking, and some of them asked for higher security measures to be put.
Mandiant’s parent company FireEye has stated that they are aware of the information being exposed on their employee and said that they’re investigating the situation and taking steps to prevent further exposure. They have yet to find evidence that suggests that systems of FireEye and Mandiant have been compromised.