FireEye systems taken down in major cyberattack

security
OpenVPN-protokollet - därför är det så bra (Image credit: Shutterstock)

One of the world’s largest cybersecurity firms has been hacked in what it believes to be a state-sponsored attack. 

US firm FireEye said that company tools used to test cyber defenses had been stolen, with the attackers primarily looking to target government customers.

FireEye has confirmed that the attackers targeted and acquired its Red Team assessment tools that are used to test customer security. An investigation into the attacks remains ongoing, with FireEye working alongside the FBI and select partners, including Microsoft.

Follow-up attacks

As of yet, FireEye has refused to speculate on who the attackers might be but the use of high-level capabilities and a never-before-seen combination of techniques lead them to believe that they have state backing.

One of the most worrying aspects of this particular cyberattacks is that it has provided the attackers with a bounty of potential weapons that could be used as part of follow-up attacks. The Red Team tools that were stolen are those that can be hired by companies to carry out mock cyberattacks in order to improve defenses.

Although FireEye knows what the tools are and what sort of exploits they can be used to deploy, they will have to act quickly to ensure that safeguards are shared before the cyberattackers make use of their ill-gotten tools. Fortunately, none of the Red Team tools contain zero-day exploits.

“Based on my 25 years in cyber security and responding to incidents, I’ve concluded we are witnessing an attack by a nation with top-tier offensive capabilities,” FireEye CEO Kevin Mandia explained

“This attack is different from the tens of thousands of incidents we have responded to throughout the years. The attackers tailored their world-class capabilities specifically to target and attack FireEye. They are highly trained in operational security and executed with discipline and focus. They operated clandestinely, using methods that counter security tools and forensic examination. They used a novel combination of techniques not witnessed by us or our partners in the past.”

Via ZDNet

Barclay Ballard

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.