Security Firms FireEye Discloses Security Breach

Today the cybersecurity firm FireEye disclosed that they were the victim of a sophisticated hack. The hackers accessed FireEye’s internal network and seem to have stolen hacking tools FireEye uses to text client’s networks.

In a disclosure published on the FireEye website, CEO Kevin Mandia said a “highly sophisticated threat actor” one the company believes may be nation state-sponsored targeted FireEye, saying, “The attackers tailored their world-class capabilities specifically to target and attack FireEye. They are highly trained in operational security and executed with discipline and focus.” the disclosure reads.

The attacker accessed “certain Red Team assessment tools that we use to test our customers’ security,” the disclosure adds, “We are proactively releasing methods and means to detect the use of our stolen Red Team tools. We are not sure if the attacker intends to use our Red Team tools or to publicly disclose them. Nevertheless, out of an abundance of caution, we have developed more than 300 countermeasures for our customers, and the community at large, to use in order to minimize the potential impact of the theft of these tools.”

Given the tools FireEye believes the attackers now have access to, the company is sharing indicators of compromise on GitHub to help other companies detect if hackers are using any of FireEye’s stolen tools to breach their networks.

Photo by Bermix Studio on Unsplash

Leave a Reply

Your email address will not be published.