Photo: Thomas Trutschel/Photothek via Getty Images

FireEye, a California-based cybersecurity firm, has been credited twice just this week with helping two of the biggest tech companies uncover midterm election threats — and got a stock bump as a result.

Why it matters: While companies like Google and Facebook have the in-house expertise to uncover some malicious activity, third-parties like FireEye are sometimes better equipped to spot malicious activity through their own monitoring.

The context: Google announced Thursday it had uncovered forensic evidence — with the help of FireEye — of disinformation attacks directly linked to Iran state media. It says FireEye caught three YouTube channels associated with Islamic Republic Iran Broadcasting.

The big picture: Tech firms work with dozens of outside experts, including cybersecurity firms and intelligence agencies, to detect these threats. In this case, the security firm is reaping the benefits of their visibility in the big tech firms' announcements.

  • FireEye stock was up over 6% Thursday after the Google announcement.
  • Some of FireEye's competitors, like Palo Alto Networks, had slight stock bumps as well on the day of the Google news.

Although there's competition (such as Palo Alto Networks, Crowdstrike, Symantec, Trend Micro, McAfee and Microsoft), FireEye has been a leader in the space. For example, in 2013, Mandiant (which FireEye has since acquired) released a landmark report attributing cyber espionage over many years to China.

How the discovery went down: Lee Foster, FireEye's Manager of Information Operations Analysis, told Axios his team's "focus is to try to go out to identify foreign influence campaigns" and that they first caught wind of this misinformation web about two months ago. He would not comment about future business collaboration with tech companies.

FireEye has invested more heavily than others in “multi-disciplinary threat intelligence,” said Steve Weber, director for the Berkeley Center for Long Term Cybersecurity. "It includes capabilities that are more like what you'd find in a national intelligence agency — country expertise, language skills, geopolitical savvy."

While shareholders may see a short-term upside to these announcements, some in the security community worry that public proclamations about uncovering attacks like these could interfere with law enforcement's interest in combatting them.

  • Governments may have different standards for attributing cyberattacks than companies. And when a company attributes an incident to a nation-state or hacking group, it can add pressure on the government to also publicly attribute the attack, even if it isn't prepared to do so.
  • Even if a government is able to attribute an attack, it may not wish to do so publicly because it may not be prepared to respond to the attack.
  • "When the government does it, it carries more force," said Chris Painter, who used to serve as the State Department's top cyber diplomat. "They may want a different quantum of proof than private companies."

The bottom line: If stock gains repeat in future attribution announcements, expect more cybersecurity firms to publicize their association with uncovering disinformation campaigns on social media.

Go deeper:

Go deeper

Updated 6 mins ago - Politics & Policy

Coronavirus dashboard

Illustration: Eniola Odetunde/Axios

  1. Global: Total confirmed cases as of 8 p.m. ET: 11,982,883 — Total deaths: 547,931 — Total recoveries — 6,511,854Map.
  2. U.S.: Total confirmed cases as of 8 p.m. ET: 3,040,957 — Total deaths: 132,195 — Total recoveries: 953,420 — Total tested: 36,866,416Map.
  3. Public health: Houston mayor cancels Republican convention over coronavirus concerns Deaths are rising in hotspots — Déjà vu sets in as testing issues rise and PPE dwindles.
  4. Travel: United warns employees it may furlough 45% of U.S. workforce How the pandemic changed mobility habits, by state.
  5. Education: New York City schools will not fully reopen in fallHarvard and MIT sue Trump administration over rule barring foreign students from online classes.
  6. 🎧 Podcast: A misinformation "infodemic" is here.

Transcripts show George Floyd told police "I can't breathe" over 20 times

Photo: Gary Coronado/Los Angeles Times via Getty Images

Newly released transcripts of bodycam footage from the Minneapolis Police Department show that George Floyd told officers he could not breathe more than 20 times in the moments leading up to his death.

Why it matters: Floyd's killing sparked a national wave of Black Lives Matter protests and an ongoing reckoning over systemic racism in the United States. The transcripts "offer one the most thorough and dramatic accounts" before Floyd's death, The New York Times writes.

3 hours ago - Health

Fighting the coronavirus infodemic

Illustration: Sarah Grillo/Axios

An "infodemic" of misinformation and disinformation has helped cripple the response to the novel coronavirus.

Why it matters: High-powered social media accelerates the spread of lies and political polarization that motivates people to believe them. Unless the public health sphere can effectively counter misinformation, not even an effective vaccine may be enough to end the pandemic.