By Dave McKay | December 9, 2020
Major Cyber Security Firm Attacked
One of the largest cyber security firms in the US has been hit by a successful cyberattack. Cyber security giant FireEye published a blog post describing the event.
CEO Kevin Mandia said the hack most likely came from a nation-state attacker:
“Based on my 25 years in cyber security and responding to incidents, I’ve concluded we are witnessing an attack by a nation with top-tier offensive capabilities,” Mandia said in his post. “This attack is different from the tens of thousands of incidents we have responded to throughout the years. The attackers tailored their world-class capabilities specifically to target and attack FireEye.”
The hackers managed to exfiltrate FireEye’s “Red Team” tools. These tools are used to test customers’ networks to unearth vulnerabilties and potential exploits. FireEye have contacted the FBI and are collaborating with them.
Matt Gorham, assistant director of the FBI Cyber Division echoed Mandia’s assessment:
“The FBI is investigating the incident, and preliminary indications show an actor with a high level of sophistication consistent with a nation-state,”
FireEye have had to take the astonishing step of providing defensive tools against their own attack software. Sooner or later—and it must be assumed, sooner—those tools will be used against companies or other selected targets such as Agencies and government or military bodies. These are on GitHub.
The attackers method’s have been reported as highly sophisticated, using hitherto unseen techniques to cover their tracks to the extent that forensic investigations would be impaired.
Source: CNET