U.S. cybersecurity firm FireEye hacked by nation-state hackers and stole test tools used to probe the defences of its thousands of customers.
U.S. cybersecurity firm FireEye hacked by nation-state hackers and stole test tools used to probe the defences of its thousands of customers.
FireEye is a cybersecurity firm headquartered in California providing hardware, software and services to investigate cybersecurity attacks, protect against malicious software, and analyze I.T. security risks.
“FireEye revealed on Tuesday that its own systems were pierced by what it called “a nation with top-tier offensive capabilities.” The company said hackers used “novel techniques” to make off with its tool kit, which could be useful in mounting new attacks around the world.” reported The New York Times.
The firm notified law enforcement, and the F.B.I. launched an investigation into the hack.
The attackers targeted “Red Team assessment tools” that are used by the company to test customer’s security and designed to mimic tools used by many cyber threat actors.
Red Team tools are custom-tools developed from malware spotted by the company in attacks in the wild and could replicate the most sophisticated hacking tools in the world. The company uses these tools for penetration testing and vulnerability assessment on the systems of the FireEye’s customers.
“None of the tools contain zero-day exploits. Consistent with our goal to protect the community, we are proactively releasing methods and means to detect the use of our stolen red team tools.”
These tools in FireEye’s arsenal are placed in a digital safe, but it could be dangerous in the hands of hackers to launch attacks.
"While the attacker was able to access some of our internal systems, at this point in our investigation, we have seen no evidence that the attacker exfiltrated data from our primary systems that store customer information from our incident response or consulting engagements, or the metadata collected by our products in our dynamic threat intelligence systems," explained FireEye CEO Kevin Mandia on FireEye's corporate blog.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?