FireEye hack: foreign government attackers steal ‘Red Team’ tools from US cybersecurity firm
- Attack carried out by ‘nation with top-tier offensive capabilities’
- Hackers stole tools used to probe defences of FireEye customers
FireEye, one of the largest cybersecurity companies in the United States, said on Tuesday that it had been hacked, likely by a government, and that an arsenal of hacking tools used to test the defences of its clients had been stolen.
The hack of FireEye, a company with an array of contracts across the national security space both in the United States and its allies, is among the most significant breaches in recent memory.
The FireEye breach was disclosed in a public filing with the Securities and Exchange Commission citing CEO Kevin Mandia. A blog post by the company said “Red Team tools” were stolen as part of a highly sophisticated, likely government-backed hacking operation that used previously unseen techniques.
“I’ve concluded we are witnessing an attack by a nation with top-tier offensive capabilities,” Mandia said, deeming it “different from the tens of thousands of incidents we have responded to throughout the years”,
It is not clear exactly when the hack initially took place, but a person familiar with the events said the company has been resetting user passwords over the past two weeks.
Beyond the tool theft, the hackers also appeared to be interested in a subset of FireEye customers: government agencies.
