Month June 2015

Month June 2015

OPM Admits CyTech’s Involvement in OPM Breach Discovery and Response After House Oversight Committee Challenge—Testifies to CyFIR Purchase

News, OPM


During a House Oversight and Government Reform Committee hearing regarding the OPM Data Breach on June 24, 2015, Representative Turner challenged the OPM on CyTech Services’ involvement in the discovery of malicious code during CyTech’s product demonstration of CyFIR for the OPM in April 2015. CyTech Services disagrees with many of the assertions made under oath by OPM Chief Information Officer Donna Seymour during this hearing.

The link to the full video is here; the portion on CyTech’s involvement runs between 01:23:16 and 01:27:51, as clipped here. (Note that video is in Flash format and might not play on all mobile devices.)

CyTech Services’ Press Release Regarding Events at the Office of Personnel Management

News, OPM

CyTech Services, Inc., led by CEO Ben Cotton, a 21-year veteran of the U.S. Army Special Forces, today released the following statement regarding the multiple reports prevalent in the news concerning CyTech’s involvement in the OPM breach response, such as Robert Hackett’s article, “A Product Demo May Have Revealed What Could be the Biggest Ever Government Data Breach” in Fortune on June 12, 2015.

“It is CyTech’s policy not to discuss our clients or their sensitive operations.  However, due to extensive media reporting, we wanted to clarify CyTech’s involvement and the assistance we provided in relation to OPM’s breach response in April 2015,” Cotton said. CyTech Services is a Service Disabled Veteran Owned Small Business (SDVOSB) and the creator of the CyFIR Enterprise™ Incident Response and Enterprise Forensic Investigation Suite.

Read More

OPM Disavows CyTech’s Support in Fortune Magazine Related to OPM Data Breach Discovery

News, OPM

Full story on Fortune’s Website.

Fortune has learned that the detection of that cyber intrusion appears to have arisen during a product demonstration by network security company CyTech Services, corroborating a report that first appeared in the Wall Street Journal. The firm, a Manassas, Va.-based company founded in 2002, had apparently sent a team to pitch its flagship product, a vulnerability assessment tool called CyFIR. During the demonstration, the tool identified the zero-day, aka previously unknown, malware associated with the latest breach, a person familiar the investigation told Fortune.

Wired Magazine on the OPM Breach

News, OPM

Full Article on Wired Magazine’s Website

Although reports are conflicting about how the OPM discovered the breach, it took investigators four months to uncover it, which means the EINSTEIN system failed. According to a statement from the OPM, the breach was found after administrators made upgrades to unspecified systems. But the Wall Street Journal reported today that the breach was actually discovered during a sales demonstration by a security company named CyTech Services (paywall), showing the OPM its forensic product.

Wall Street Journal Breaks CyTech’s Involvement in OPM Breach Investigation

News, OPM

Full Story on the Wall Street Journal’s Website (Paywall)

But four people familiar with the investigation said the breach was actually discovered during a mid-April sales demonstration at OPM by a Virginia company called CyTECH Services, which has a networks forensics platform called CyFIR. CyTECH, trying to show OPM how its cybersecurity product worked, ran a diagnostics study on OPM’s network and discovered malware was embedded on the network. Investigators believe the hackers had been in the network for a year or more.