What’s happened?Cybersecurity firm FireEye says it has been hacked.
Ouch!Yup.
What is FireEye saying about it?The company’s CEO Kevin Mandia has published a blog post which doesn’t specify who they believe was responsible but does say that the attackers “primarily sought information related to certain government customers.”
He continues:
“We were attacked by a highly sophisticated threat actor, one whose discipline, operational security, and techniques lead us to believe it was a state-sponsored attack…”
“Based on my 25 years in cyber security and responding to incidents, I’ve concluded we are witnessing an attack by a nation with top-tier offensive capabilities. This attack is different from the tens of thousands of incidents we have responded to throughout the years. The attackers tailored their world-class capabilities specifically to target and attack FireEye. They are highly trained in operational security and executed with discipline and focus. They operated clandestinely, using methods that counter security tools and forensic examination. They used a novel combination of techniques not witnessed by us or our partners in the past.”
What did the hackers steal from FireEye?FireEye says that so far its investigation has found that the hackers accessed “Red team” tools normally used to test customers’ security.
“These tools mimic the behavior of many cyber threat actors and enable FireEye to provide essential diagnostic security services to our customers. None of the tools contain zero-day exploits.”
It’s unclear if the hackers intend to publicly release the tools they stole from FireEye or use them for their own purposes. Regardless, FireEye says ..
Support the originator by clicking the read the rest link below.
