By Samuel T. Clover ’91
It’s been a landmark spring for Kevin Mandia ’92, founder of the cyber security firm Mandiant and now vice president and chief operating officer of FireEye, which acquired Mandiant last year.
On May 18, the U.S. Department of Justice announced the indictments of five members of China’s People’s Liberation Army, part of a group known officially as Unit 61398 and informally as the Comment Crew, for stealing American corporate trade secrets. The indictments resulted directly from a report issued by Mandia’s firm in February 2013 first identifying Unit 61398 as responsible for cyber attacks on American corporations, organizations, and government agencies.
The report brought Mandia into the international spotlight. He was featured in The New York Times, Fortune, and other major media. Foreign Policy named him one of the Leading Global Thinkers of 2013 for his work “on the bleeding edge of the digital revolution, where a battle is being fought over who will control the defining tool of the 21st century.”
“This is a case alleging economic espionage by members of the Chinese military and represents the first-ever charges against a state actor for this type of hacking,” said U.S. Attorney General Eric Holder. Six major American companies were infiltrated, including Alcoa, U.S. Steel, and Westinghouse. The hackers allegedly lifted design specifics for power plants, stole details about ongoing trade litigation, confiscated marketing and business strategies, and examined classified corporate intelligence.
A month or so before the indictments were announced, Mandia visited campus to share his experience and expertise with students. He also sat for an extended interview with Reed Shapiro ’14 in connection with the latest edition of Lafayette Lens, a TV program produced in partnership with local PBS affiliate WLVT Channel 39 by students taught by Mark Crain, Simon Professor of Political Economy and chair of the Policy Studies Program.
“Kevin is an outstanding example of a Lafayette alumnus leading a global effort to solve one of the great challenges of the 21st century—the threat of cyber crime and cyber terrorism,” Crain says. “His involvement with Lafayette students brings vivid reality to the College’s vision. His solutions integrate knowledge from multiple disciplines: information technology, business, policy, history, and culture. He brought all these together and created a successful, profitable global enterprise. Kevin’s career exemplifies the value proposition behind a liberal arts education.”
The findings in Mandiant’s groundbreaking report were the result of a six-year investigation. The firm had determined that certain clusters of hackers—mainly in Russia, former Soviet republics, and China—collectively represented an “advanced persistent threat.” While the company described the Comment Crew as the “most prolific” cyber threat, it could not determine conclusively if the Chinese government was directly involved.
Evidence gathered between 2010 and 2013, however, confirmed Mandiant’s suspicion that the Comment Crew worked with full knowledge of the Chinese government.
Mandia is the coauthor of the books Incident Response: Investigating Computer Crime and Incident Response: Performing Computer Forensics. He regularly provides commentary and analysis in national media. He has testified as an expert in federal court and provided testimony before the House Intelligence Committee.
Lafayette awarded Mandia an honorary Doctor of Public Service degree at Commencement last month.