Cylance Helped OPM During Breach


A U.S. congressional report has concluded that Cylance Inc., an endpoint cybersecurity vendor, played an invaluable role in discovering, halting and remediating a data breach in progress last year at the United States Office of Personnel Management (OPM). Upon being alerted to the compromise, the government agency used CylancePROTECT, an artificial intelligence-based cybersecurity product, to positively identify and mitigate the APT attack, which was attributed to two hacker groups.

The congressional report, which was disseminated by Chairman Jason Chaffetz (R-UT) of the House Committee on Oversight and Government Reform, stated: “The significance of the cutting edge preventative technology offered by Cylance in responding to the OPM data breach cannot be understated.” CylancePROTECT is an antivirus product for endpoint security that uses a machine-learning research platform for malware identification. It applies artificial intelligence to identify and classify hundreds of thousands of characteristics per file, dissecting them to determine in real time whether the file is malicious.

“The OPM breach, and countless others like it, is exactly why we were compelled to apply artificial intelligence to fighting hackers, whether state actors, rogue hackers, organized criminal groups, or cyber terrorists,” said Stuart McClure, founder, president and CEO at Cylance. “Our mission is to protect everyone under the sun and we are just getting started.”

According to the US Computer Emergency Readiness Team (US-CERT), OPM detected suspicious activity on its network on April 16, 2015. The following day, US-CERT notes, OPM opted to call in Cylance officials to “help with the forensics” as it was the company’s tool that had located the malware in the first place. The congressional report noted that “CylancePROTECT was the first tool that OPM used after the agency learned its network was compromised, and the tool immediately found malware and set about cleaning OPM’s enterprise.”

According to OPM’s IT Security Officer Jeff Wagner, what sets Cylance’s solution apart is “the unique way that Cylance functions and operates. It doesn’t utilize a standard signature of heuristics or indicators, like normal signatures in the past have been done, it utilizes a unique proprietary method.”
