Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa Bay news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Charlotte news in your inbox

Catch up on the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Photo: Thomas Trutschel/Photothek via Getty Images

FireEye, a California-based cybersecurity firm, has been credited twice just this week with helping two of the biggest tech companies uncover midterm election threats — and got a stock bump as a result.

Why it matters: While companies like Google and Facebook have the in-house expertise to uncover some malicious activity, third-parties like FireEye are sometimes better equipped to spot malicious activity through their own monitoring.

The context: Google announced Thursday it had uncovered forensic evidence — with the help of FireEye — of disinformation attacks directly linked to Iran state media. It says FireEye caught three YouTube channels associated with Islamic Republic Iran Broadcasting.

The big picture: Tech firms work with dozens of outside experts, including cybersecurity firms and intelligence agencies, to detect these threats. In this case, the security firm is reaping the benefits of their visibility in the big tech firms' announcements.

  • FireEye stock was up over 6% Thursday after the Google announcement.
  • Some of FireEye's competitors, like Palo Alto Networks, had slight stock bumps as well on the day of the Google news.

Although there's competition (such as Palo Alto Networks, Crowdstrike, Symantec, Trend Micro, McAfee and Microsoft), FireEye has been a leader in the space. For example, in 2013, Mandiant (which FireEye has since acquired) released a landmark report attributing cyber espionage over many years to China.

How the discovery went down: Lee Foster, FireEye's Manager of Information Operations Analysis, told Axios his team's "focus is to try to go out to identify foreign influence campaigns" and that they first caught wind of this misinformation web about two months ago. He would not comment about future business collaboration with tech companies.

FireEye has invested more heavily than others in “multi-disciplinary threat intelligence,” said Steve Weber, director for the Berkeley Center for Long Term Cybersecurity. "It includes capabilities that are more like what you'd find in a national intelligence agency — country expertise, language skills, geopolitical savvy."

While shareholders may see a short-term upside to these announcements, some in the security community worry that public proclamations about uncovering attacks like these could interfere with law enforcement's interest in combatting them.

  • Governments may have different standards for attributing cyberattacks than companies. And when a company attributes an incident to a nation-state or hacking group, it can add pressure on the government to also publicly attribute the attack, even if it isn't prepared to do so.
  • Even if a government is able to attribute an attack, it may not wish to do so publicly because it may not be prepared to respond to the attack.
  • "When the government does it, it carries more force," said Chris Painter, who used to serve as the State Department's top cyber diplomat. "They may want a different quantum of proof than private companies."

The bottom line: If stock gains repeat in future attribution announcements, expect more cybersecurity firms to publicize their association with uncovering disinformation campaigns on social media.

Go deeper:

Go deeper

Tech scrambles to derail inauguration threats

Illustration: Sarah Grillo/Axios

Tech companies are sharing more information with law enforcement in a frantic effort to prevent violence around the inauguration, after the government was caught flat-footed by the Capitol siege.

Between the lines: Tech knows it will be held accountable for any further violence that turns out to have been planned online if it doesn't act to stop it.

Dave Lawler, author of World
5 hours ago - World

Uganda's election: Museveni declared winner, Wine claims fraud

Wine rejected the official results of the election. Photo: Sumy Sadruni/AFP via Getty

Yoweri Museveni was declared the winner of a sixth presidential term on Saturday, with official results giving him 59% to 35% for Bobi Wine, the singer-turned-opposition leader.

Why it matters: This announcement was predictable, as the election was neither free nor fair and Museveni had no intention of surrendering power after 35 years. But Wine — who posed a strong challenged to Museveni, particularly in urban areas, and was beaten and arrested during the campaign — has said he will present evidence of fraud. The big question is whether he will mobilize mass resistance in the streets.

Off the Rails

Episode 1: A premeditated lie lit the fire

Photo illustration: Sarah Grillo/Axios. Photo: Chip Somodevilla/Getty Images

Beginning on election night 2020 and continuing through his final days in office, Donald Trump unraveled and dragged America with him, to the point that his followers sacked the U.S. Capitol with two weeks left in his term. Axios takes you inside the collapse of a president with a special series.

Episode 1: Trump’s refusal to believe the election results was premeditated. He had heard about the “red mirage” — the likelihood that early vote counts would tip more Republican than the final tallies — and he decided to exploit it.

"Jared, you call the Murdochs! Jason, you call Sammon and Hemmer!”