Cybersecurity tools of FireEye hit by a state-sponsored attack

FireEye, one of the largest cybersecurity companies in the US, claims it has been compromised by a state-sponsored attacker. Hackers have targeted and accessed the company's so-called Red Team tools, which it uses to test consumer security and detect vulnerabilities.

There is now suspicion that these tools might be leaked publicly by hackers or used to target others, but there is no proof that this has occurred yet. FireEye claims it does not believe that any consumer data has been taken.

Although the blog post, written by Kevin Mandia, CEO of FireEye, does not say who is responsible, it claims the attacking country has “top-tier offensive capabilities.” The Wall Street Journal reports that Russia is a suspect. The official investigation into who is responsible, though, is pending.

“This attack is different from the tens of thousands of incidents we have responded to throughout the years,” Mandia wrote in the post, stating that the attackers “are well trained in operational security and conducted (the hack) with focus and discipline.” The report did not say when the hack took place or when it became known to FireEye.

“They worked clandestinely, using counter-security tools and forensic analysis techniques. They used a modern mix of methods not seen in the past by us or our partners,” Mandia wrote. FireEye claims it is investigating the hack along with the FBI and industry partners such as Microsoft.

US Senator Mark Warner, who serves as vice-chairman of the Senate Special Committee on Intelligence and co-chairs the Senate Cybersecurity Caucus, lauded FireEye’s announcement of the threat, which, WSJ reports, led its stock to decline by around 7 percent in after-hours trading.

FireEye stated that it has built over 300 countermeasures in response to the attack to help its customers and the cybersecurity community defend themselves against the stolen tools. These countermeasures have been incorporated into its own security products, exchanged with colleagues in the security community, and made freely accessible. As they become available, FireEye intends to share additional countermeasures.