FireEye, a US cybersecurity firm, says it has recently been attacked by a highly advanced threat actor and believes the hacking was state-sponsored. In a blog post, FireEye CEO Kevin Mandia said company tools crucial for testing customers' security had been stolen.
The attacker primarily sought information pertaining to certain government customers, he wrote. The blog did not mention who might have carried out the attack. The firm and the FBI are investigating the hack. FireEye's share price fell after the company acknowledged the hack.
What Did FireEye Say?
"Based on my 25 years in cyber security and experience of incidents, I have figured we are witnessing an attack by a nation with top-tier invading capabilities," Mr. Mandia said in Saturday's blog, adding that the hack was unusual from "the tens of thousands of incidents we have responded to throughout the years."
"The attackers styled their world-class capabilities particularly to target and attack FireEye. They used a strange combination of techniques not seen by us or our partners in the past," the blog said.
California-based FireEye was incorporated in 2004. It specialises in investigating attacks in cyberspace against companies across the globe. It is known as one of the fastest-growing firms in the industry. Mr. Mandia started his career in the US Air Force investigating the first major cyber attack on America's defence secrets by another state.
In that case, the Russians were behind the attack. Even though Mr. Mandia does not name names, Russia may well be the prime suspect this time.
Shiver Down The Spines
FireEye is a highly rated firm used by companies and governments around the world to defend them from hacking. So when the protectors themselves get hacked, it frightens cyber security experts.
It is not the first time a major cyber security firm has been hacked - but what is concerning here is that FireEye's so-called "Red Team" hacking tools have been stolen.
Like many cyber security companies, FireEye has an offensive division that can be hired by companies and governments to perform simulated cyber attacks to help an organisation upgrade its defences.
FireEye says its hacking arsenal has been raided, meaning that whoever was responsible now has a powerful collection of new techniques to employ.
This has happened before, in the infamous Shadow Brokers leaks, in which hackers stole and shared cyber weapons developed by the US National Security Agency. That resulted in successful and damaging attacks on businesses and civilians all over the world.
The saving grace here, perhaps, is that FireEye knows precisely what hacking tools they had and, hopefully, how to defend against them.
The race is on to get the warnings out there before the hackers take advantage.