Will the NSA spying revelations hurt America’s nascent cyberforensics industry abroad?

Mandiant’s chief security officer Richard Bejtlich (front, left) is well connected.
Mandiant’s chief security officer Richard Bejtlich (front, left) is well connected.
Image: AP Images/ Jacquelyn Martin
We may earn a commission from links on this page.

The barrage of recent hacking attempts against businesses and institutions has given birth to a new US growth industry: cyber-forensics. But with the US government’s own espionage activities now fueling a new climate of international cyber-paranoia, exporting this lucrative corner of the American tech scene might not be so easy.

FireEye, a network security company based in Silicon Valley, yesterday struck a deal to buy its Virginia-based counterpart Mandiant for about $1 billion. It’s a lofty price, representing about 10 times Mandiant’s annual revenue, but investors don’t seem to mind: FireEye’s shares surged by about 24% this morning.

Part of the rationale for the tie-up between the two companies is to “increase global scale” and create an international market leader in the industry. Mandiant is very much a US-focused business: less than 5% of its sales are from offshore markets, and a third of the Fortune 100 are already customers. In contrast, FireEye already has a presence in more than 40 countries, and its international revenue, which accounts for about 15% of its top line, is growing at nearly three times the pace of its US business.

“We believe there is a significant opportunity for international growth in the Mandiant business model,” FireEye’s chief financial officer, Michael Sheridan, said on a conference call.  ”We therefore plan to leverage FireEye’s international infrastructure to accelerate the expansion of the Mandiant business into international markets.” It sounds promising—but there are reasons to believe this might not be as straightforward as it sounds.

Mandiant shot to fame after releasing a detailed report last February alleging that high-profile cyber-attacks on many US companies, including the New York Times, were carried out by the Chinese government. The report contained eye-opening detail about the extent and sophistication of attacks against US institutions that were up until then, long rumored but not well understood. 

But unsurprisingly, China rejected the contents of the report out of hand. And its extraordinarily detailed nature, which identified the code names of hackers, the precise buildings they operate from, and the processes they use, raised eyebrows elsewhere about what appear to be close links between the company and the US government. As Business Insider reported earlier this year, the CTO of rival cybersecurity firm Taia Global said the report had “critical analytic flaws” because it refused to acknowledge that countries other than China engaged in cyberattacks. 

A lot has changed since the beginning of last year. Edward Snowden’s revelations about the NSA’s cyber-surveillance activities have begun to affect overseas sales for US hardware companies like Cisco and IBM in overseas markets. It’s not just a US China thing, either: The revelations have also arguably damaged US relations with countries like Germany and Brazil.

In this light, it’s not unreasonable to think that a well-connected US firm, staffed by former intelligence agents and Department of Defense officials, that openly describes China and Russia as adversaries, might have a little difficulty recruiting non-US companies as its clients. FireEye told Quartz that it “has not encountered difficulties abroad. Our international business is growing very fast and we have build the infrastructure to support this acquisition.” Mandiant didn’t respond to a request for comment.