Top cybersecurity firm FireEye hacked by nation-state

Dec. 9 (UPI) -- Leading cybersecurity firm FireEye has revealed it was hacked by a "highly sophisticated threat actor" who stole tools it uses to test the security of its customers, which include governments and major corporations.

The company announced the breach Tuesday in a statement, saying it believes the attack was state sponsored by "a nation with top-tier offensive capabilities."


"Our number one priority is working to strengthen the security or our customers and the broader community. We hope that by sharing the details or our investigation the entire community will be better equipped to fight and defeat cyber attacks," the statement said.

The California-headquartered company said the attackers operated clandestinely, using "a novel combination of techniques not witnessed by us or our parters in the past."

RELATED North Korea hackers created spoof Hyundai sites, report says

The methods deployed deflected security tools and prevented forensic examination, it said, adding the hackers stole what the firm calls "Red Team tools" it uses to mimic the behavior of many malicious cyberactors and enables it to assess its customers' diagnostic security services.

"We're not sure if the attacker intends to use our Red Team tools or to publicly disclose them. Nevertheless, we are proactively releasing methods and means to detect the use of our stolen Rem Team tools," the statement read.


The statement did not state when the attack occurred but that the company has seen no evidence the tools stolen have been used.

RELATED Florida COVID data whistleblower says state police confiscated computers in armed raid

It added that the attacker, however, sought information related to specific government customers but that it has seen "no evidence that the attacker exfiltrated data from our primary systems that store customer information."

Matt Gorham, assistant director of the FBI Cyber Division, confirmed the attack in a statement, saying they were investigating it and that preliminary indications show "an actor with a high level of sophistication consistent with a nation-state" was behind it.

Kevin Mandia, the chief executive officer of FireEye, said the attack was "different from the tens of thousands of incidents" the company has seen over the years.

RELATED Forrest Fenn treasure finder steps forward

Rep. Adam Schiff, D-Calif., chairman of the House select committee on intelligence, described the hack as "especially concerning" since the tools made off with could help mount future attacks.

"Foreign actors have not stopped attacking our country and its critical and cybersecurity infrastructure since 2016," Schiff said in a statement. "In fact, they've continued, grown more sophisticated and only have to succeed once, while the U.S. government and companies alike have to pitch a perfect game."


Schiff has asked the the U.S. intelligence community to brief the committee on the incident in the coming days.

Latest Headlines


Follow Us