FireEye, one of the world's largest security companies, has announced that it has been breached and that a "highly sophisticated attacker" gained access to its internal network. That's how he managed to steal hacking tools that FireEye uses to test its customers' networks.
In a press release, FireEye CEO Kevin Mandia said the attacker also sought information related to some of the company's government customers.
Mandia described the attacker as "highly sophisticated, whose discipline, operational security and techniques lead us to believe it was a state attack".
"With base "In 25 years of cyber security and response to incidents, I have come to the conclusion that we are witnessing an attack by a state with superior offensive capabilities." said Mandia.
"This attack is different from the tens of thousands of incidents we have responded to over the years," he added.
"The attackers were highly trained in operational security and acted with discipline and focus.
“They were operating covertly, using methods that bypass security tools and testing forensic. They used a new combination of techniques that have not been seen before by us or our partners.”
FireEye said its findings were confirmed by Microsoft, which called on the company to help investigate the breach.
The Federal Bureau of Investigation (FBI) has also been informed and is currently assisting the company.
Because FireEye believes the intruders got their hands on custom penetration testing tools, the company released compromise indicators (IOCs) and countermeasures to her GitHub account. The data from GitHub will help other companies find out if hackers used any of FireEye's stolen tools to break into their networks.
Knowing that he may be the target of the next attack, at Twitter, most cybersecurity professionals showed their support for the company and praised FireEye for its quick disclosure.
With the Fireeye breach news coming out, it's important to remember that no one is immune to this. Many security companies have been successfully compromised over the years, including Symantec, Trend, Kaspersky, RSA and Bit9 1 /
- Dmitri Alperovitch (@DAlperovitch) December 8, 2020
Going to be a lot of folks that dunk on FireEye for this but from my quick review they found it themselves and self disclosed. Everyone gets breached. Kudos to Kevin and the team for detecting and responding well. https://t.co/CxHM375Jbu
- Robert M. Lee (@RobertMLee) December 8, 2020
