FireEye, one of the leaders in cybersecurity that provides hardware, software, and services to investigate cybersecurity attacks and protect against malicious cyber-attacks, revealed on Tuesday that its own systems were compromised by what they called “a nation with top-tier offensive capabilities.” The company says hackers were able to access FireEye’s own Red Team tool kit, which could be used for mounting new attacks around the world.
The Red Team toolkit stolen by hackers includes the tools FireEye uses to test their own customers’ security vulnerabilities. The Red Team tools are digital tools that replicate some of the most sophisticated hacking tools in the world. FireEye uses the tools to identify vulnerabilities in their clients’ systems. This means that FireEye’s own customers could be indirectly affected by the breach. FireEye has 9,600 customers across 103 countries including more than 50% of the Forbes Global 2000.
The hackers also appeared to be interested in a specific group of FireEye’s customers: government agencies, which leads some sources to believe it could be related to the recent presidential election.
What did FireEye say?
“Based on my 25 years in cybersecurity and responding to incidents, I’ve concluded we are witnessing an attack by a nation with top-tier offensive capabilities” shared FireEye CEO, Kevin Mandia. He also added that the hack was “different from the tens of thousands of incidents we have responded to throughout the years,” and that the hackers “used a novel combination of techniques not witnessed by us or our partners in the past.”
FireEye is working with the FBI and other partners including Microsoft to conduct an investigation into the hack including how it happened and who executed it. Many are speculating that this will go down as one of the most significant attacks in recent years. The impact of the breach remains unknown including whether or not the hackers intend to go public with the information they gathered or weaponize the Red Team Tools to compromise other systems.