Security firm FireEye hit by state-sponsored cyberattack2020-12-09 17:43 by Daniela
Major cybersecurity firm FireEye has been hit by a cyberattack, with hackers stealing its attack test tools in a targeted heist, the company said in a blog post Tuesday. CEO Kevin Mandia said the hack most likely came from a nation-state attacker.
"Based on my 25 years in cyber security and responding to incidents, I've concluded we are witnessing an attack by a nation with top-tier offensive capabilities," FireEye CEO Kevin Mandia said in the blog post. "This attack is different from the tens of thousands of incidents we have responded to throughout the years. The attackers tailored their world-class capabilities specifically to target and attack FireEye."
The motive for the attack wasn't clear, and it wasn't certain that the hackers intended to swipe what are known as "red team tools" in the security community. Mandia said the attackers "sought information related to certain government customers." However, while the hackers accessed "some of our internal systems," they didn't appear to steal customer data, he said.
The targeted tools provide diagnostic security services to FireEye's customers, by mimicking the behavior of threat actors, said Mandia. The stolen tools range from simple scripts used for automating reconnaissance to entire frameworks that are similar to publicly available technologies such as CobaltStrike and Metasploit.
Mandia said that FireEye is investigating the incident with help from the FBI and key partners such as Microsoft.
Read more -here-