The hack on the $3.5 billion cyber security firm, FireEye, will go down as one of the most important cyber attacks and infiltrations reported this year.
FireEye cyber attack
FireEye, one of the world’s leading cyber security organisations, admitted earlier this week that it was hit by a super sophisticated cyber attack, the likes of which it had not seen until date. The hackers infiltrated the FireEye servers and reportedly stole documents and cyber threat assessment tools used by FireEye for its clients. While the company claims that it has so far not seen proof of hackers using any of its stolen tools and techniques to lay out any major cyber attack campaign so far, it is still updating and informing its clients regarding the breach, along with laying out over 300 counter-measures that would work to strengthen the cyber security of all of FireEye’s clients.
Writing on the official FireEye blog, CEO Kevin Mandia also identified that the hack was undertaken in a specific purpose campaign, by hackers who were most likely a part of a national government-backed hacking campaign. This further raises questions regarding potential use of cyber threats as an offensive or defensive weapon by countries, cyber warfare and other associated details. “They are highly trained in operational security and executed with discipline and focus. They operated clandestinely, using methods that counter security tools and forensic examination. They used a novel combination of techniques not witnessed by us or our partners in the past. We are actively investigating in coordination with the Federal Bureau of Investigation and other key partners, including Microsoft,” added Mandia.
Explaining the nature of the hack and its impact, Mandia further added, “Consistent with a nation-state cyber-espionage effort, the attacker primarily sought information related to certain government customers. While the attacker was able to access some of our internal systems, at this point in our investigation, we have seen no evidence that the attacker exfiltrated data from our primary systems that store customer information from our incident response or consulting engagements, or the metadata collected by our products in our dynamic threat intelligence systems. If we discover that customer information was taken, we will contact them directly.”
While this is not the first cyber attack carried out by a nation-backed group of hackers on a major, important organisation, this particular move may be the first of its kind since the hackers here directly targeted only a cyber security firm’s offence testing tools. In cyber security parlance, this may have been done in order to get access to sophisticated hacking tools, or even to figure out the capabilities of a cyber security company’s hacking and exploit tools in order to build better malware – something that gets progressively harder to defend against.
FireEye is a publicly traded cybersecurity company headquartered in Milpitas, California. It has been involved in the detection and prevention of major cyber attacks. It provides hardware, software, and services to investigate cybersecurity attacks, protect against malicious software, and analyze IT security risks.
Stock price: FEYE (NASDAQ) $13.69 +0.20 (+1.48%)
Dec 10, 16:00 EST – Disclaimer
Founder: Ashar Aziz
Founded: February 2004, Milpitas, California, United States
CEO: Kevin Mandia (Jun 15, 2016–)
Headquarters: Milpitas, California, United States
Revenue: 889 million USD (2019)
Subsidiaries: Mandiant, Verodin, Inc., Cloudvisory LLC, X15 Software, Inc., Respond Software, Inc., Ensighta Security Inc, more