Was Mandiant Pushed?

Once in a while, it’s good to revisit and reconsider from a distance.  It’s just over two years since then-unknown Alexandria-based cyber security company Mandiant vaulted into the media spotlight.  Remember? Mandiant released a report detailing a slew of cyber attacks perpetrated by the Chinese military.  More than sweeping accusations, Mandiant identified specific Red Army IP and physical facility addresses in a bold tell-all counterattack on a sophisticated and persistent Chinese cyber offensive on U.S. targets.

It was a cyber shot heard around the world.  To be sure, Mandiant shocked the world when it released the report.  Many sources inside the Federal government expressed distress and disappointment – their concern, that Mandiant had tipped the U.S. intelligence community’s hand.  The rationale, better not to let our adversaries know we were tracking them.  Removing the blind signaled to the Chinese hackers that they should simply change their addresses and methodologies.

Did anybody see the movie The Imitation Game?

Here’s a question – was our government complicit in the Mandiant report?  Was this an early jab in a cyber sparring match between the U.S. and China?  In May 2014 – one year and three months after the Mandiant release – our government took the unprecedented step of identifying and bringing charges against a series of Chinese cyber attackers by name.  Perhaps the Mandiant report was a proxy offensive designed to put the Chinese on notice?

After all, how did a small firm like Mandiant lay hands on such detailed information?  How did it have the nerve to release such a controversial report – which could have capsized the firm by invoking the ire of Uncle Sam?

Let’s say the Federal government did want to leak the report through a proxy – who better than a small firm?  Using a major contractor would have been a far more transparent proxy.  Further, working through a large organization would have been more complex, taken much longer, and amped up the risk of a leak.

It’s doubtful we’ll ever know for sure, but as Alan Turing would tell us, simple things are rarely simple in cyber space.

Do you think Mandiant was pushed?

Steve O'Keeffe