Cybersecurity giant FireEye hacked by a nation-state, most likely Russia


Has Cozy Bear been at it again?

It takes a lot of resources and skill to hack any cybersecurity firm, so successfully penetrating one of the largest in the US sounds impossible. But FireEye, a $3.5 billion company that has contracts with governments and corporations around the world, discovered it can happen. The firm said the breach was likely the work of a foreign government using hackers with “world-class capabilities,” and all the signs point to Russia.

“Recently, we were attacked by a highly sophisticated threat actor, one whose discipline, operational security, and techniques lead us to believe it was a state-sponsored attack,” Kevin Mandia, FireEye’s CEO, wrote in a press release. “They used a novel combination of techniques not witnessed by us or our partners in the past.”

FireEye said that the hackers primarily sought information related to certain government customers, though it’s unclear how successful they were. There is no evidence that the attackers stole customer information from the company’s incident response or consulting businesses or any data from its threat intelligence systems.

The attackers did, however, access Red Team assessment tools used to test customers’ network defenses. While FireEye says none of the tools contain zero-day exploits, it’s concerning to know that an already skilled group of hackers now has access to these stolen Red Team tools.

“We are not sure if the attacker intends to use our Red Team tools or to publicly disclose them. Nevertheless, out of an abundance of caution, we have developed more than 300 countermeasures for our customers, and the community at large, to use in order to minimize the potential impact of the theft of these tools,” added Mandia.

FireEye limits its description of the attackers to being sponsored by a nation-state, but the New York Times writes that the FBI has handed the investigation over to its Russian specialists, while the Washington Post said the incident was the work of the Russian SVR intelligence service. That would make the hackers part of the same Cozy Bear group that infiltrated the Democratic National Committee in 2016 and has been trying to steal coronavirus vaccine research from the US and UK.

Main image credit: Michael Vi
