A Cybersecurity Firm Was Hacked
The cybersecurity firm FireEye has come under cyberattack by "highly sophisticated" actors likely sponsored by a nation state, in a rare and extremely serious instance of a mainstream security vendor being compromised. The hack could even give the perpetrators the means to launch attacks against other targets.
In an investor disclosure, FireEye said the attack was highly customized to target FireEye's systems and is unlike any the company has responded to in the past.
"Based on his 25 years in cyber security and responding to incidents, Kevin Mandia, our Chief Executive Officer, concluded we are witnessing an attack by a nation with top tier offensive capabilities," the SEC filing said. The attacker accessed "certain Red Team assessment tools that we use to test our customers' security," the disclosure continued, implying that many of FireEye's clients, including its government customers, could be indirectly affected by the breach. "We are proactively releasing methods and means to detect the use of our stolen Red Team tools. We are not sure if the attacker intends to use our Red Team tools or to publicly disclose them. Nevertheless, out of an abundance of caution, we have developed more than 300 countermeasures for our customers, and the community at large, to use in order to minimize the potential impact of the theft of these tools."
FireEye is working with the FBI and other forensic partners, including Microsoft. Matt Gorham, assistant director of the FBI's Cyber Division, said in a statement that "preliminary indications show an actor with a high level of sophistication consistent with a nation state." Early evidence suggests that a Russia-linked actor was behind the operation, according to a person familiar with the matter. Mandia said the attackers tried to access information "related to certain government customers," but that the company has no evidence yet that customer information has been stolen.
None of the stolen cybersecurity tools contained so-called zero-day exploits, Mandia said. Zero-day vulnerabilities are software vulnerabilities that have never been publicly identified or patched, and can be extremely dangerous if weaponized by malicious actors.
FireEye is among the world's preeminent cybersecurity firms, selling services designed to prevent, detect, and respond to network security attacks. It also conducts extensive research on some of the most sophisticated hacking groups, known in the industry as advanced persistent threats.