One of the world’s largest cybersecurity firms FireEye disclosed its data security breached on Tuesday, December 8, 2020. Based on its statement, the company was possibly hacked by a nation-state considered a “highly sophisticated threat actor.”
According to Bloomberg, FireEye Inc. reportedly suffered from attackers stealing internal tools that the company uses to test computer defenses for network vulnerabilities. Following the incident, the company shares sank by a massive 9.8% as said on the news.
Considered one of the most significant security breaches in recent history states The Guardian, FireEye’s position as a cybersecurity firm with contracts and partnerships across various sectors makes its incident a national security issue.
NBC News said that FireEye Inc. works with some of the most renowned federal agencies in the United States. These include the Federal Bureau of Investigation (FBI) and the National Security Agency.
Based on the blog post by chief executive officer Kevin Mandia on its website, the incident is tagged as “an attack by a nation with top-tier capabilities.”
The CEO failed to mention a particular country, a practice which NBC finds peculiar since FireEye started the tradition of naming breaches to hacker groups and the country they are working for.
Upon further investigation on the incident, Mandia said that the threat actors seemed most interested in getting access and information on top government clients.
Besides this, NBC news states that the hackers were able to access the internal hacking tools used by the firm’s Red Team. These internal tools were reportedly used to hack into FireEye’s clients’ database to further provide insight on how to defend against such attacks in the future.
Following this, Mandia and the rest of the cybersecurity team decided to release the countermeasures against the said tools available for public use. In a statement, Mandia said, “None of the tools contain zero-day exploits. Consistent with our goal to protect the community, we are proactively releasing methods and means to detect the use of our stolen red team tools.”
To help with the investigation, FireEye tapped Microsoft with its assessment. Apart from this, the Federal Bureau of Investigation has also taken to investigating the incident, both of which showed consistent findings with an attack conducted by a nation-state.
This has since been confirmed by the assistant director of the FBI’s Cyber Division Matt Gorham in an email to NBC.
Despite issuing a statement to the public, Tech Crunch states that there is no clear indication as to how or when the cybersecurity attack occurred. The company in question failed to provide an answer to Tech Crunch
