Cybersecurity giant FireEye hacked by nation-state, likely Russia

midian182

Why it matters: Breaching any cybersecurity firm takes considerable resources and skill, so successfully penetrating one of the largest in the US sounds close to impossible. But FireEye, a $3.5 billion company with contracts with governments and corporations around the world, has discovered that it can happen. The firm said the breach was likely the work of a foreign government using hackers with "world-class capabilities," and all the signs point to Russia.

"Recently, we were attacked by a highly sophisticated threat actor, one whose discipline, operational security, and techniques lead us to believe it was a state-sponsored attack," Kevin Mandia, FireEye's CEO, wrote in a press release. "They used a novel combination of techniques not witnessed by us or our partners in the past."

FireEye said that the hackers primarily sought information related to certain government customers, though it's unclear how successful they were. There is no evidence that the attackers stole customer information from the company's incident response or consulting businesses or any data from its threat intelligence systems.

The attackers did, however, access the Red Team assessment tools FireEye uses to test customers' network defenses. FireEye says none of the tools contain zero-day exploits, which means they rely on publicly known vulnerabilities and techniques rather than unpatched ones. The concern is still real: an already skilled group now holds a mature, field-tested toolkit that can be turned against any organization that has not patched the flaws those tools exploit.

"We are not sure if the attacker intends to use our Red Team tools or to publicly disclose them. Nevertheless, out of an abundance of caution, we have developed more than 300 countermeasures for our customers, and the community at large, to use in order to minimize the potential impact of the theft of these tools," added Mandia.

FireEye limits its description of the attackers to being sponsored by a nation-state, but the New York Times writes that the FBI has handed the investigation over to its Russian specialists, while the Washington Post said the incident was the work of the Russian SVR intelligence service. That would make the hackers part of the same Cozy Bear group that infiltrated the Democratic National Committee in 2016 and has been trying to steal coronavirus vaccine research from the US and UK.

Main image credit: Michael Vi


 
Hopefully these types of companies have some sort of code tracker so they can see exactly what was done in order to get into their system, and it will benefit all of us. I suppose it is possible, but not desirable, to have a program set up that, once it detects similar attempts, would do an orderly shutdown of their servers, like we have done with leak and/or fire detection systems in large computer rooms. Anyone have any direct experience with this???
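Countermeasures of the kind the article mentions are typically detection rules (file hashes, command-line patterns and similar indicators) that a defender runs against endpoint telemetry, and the comment above asks what an automated response to a hit should look like. As an added illustration, not part of the article or of the comment and not FireEye's published rules, here is a small Python rule engine that matches placeholder indicators against constructed process-execution events and plans a per-host response. Every hash, pattern, hostname and action name below is invented for the example.

```python
import hashlib
import re
from dataclasses import dataclass

# Constructed indicator rules. The hash and the command-line patterns are
# placeholders invented for this example; they are not FireEye's published
# countermeasures and do not identify any real tool.
SAMPLE_TOOL_HASH = hashlib.sha256(b"constructed-sample-binary").hexdigest()

RULES = [
    {"name": "known_tool_hash", "type": "sha256",
     "value": SAMPLE_TOOL_HASH, "severity": "high"},
    {"name": "credential_dump_cmdline", "type": "cmdline",
     "value": re.compile(r"(?i)\b(sekurlsa|logonpasswords|minidump)\b"),
     "severity": "high"},
    {"name": "recon_cmdline", "type": "cmdline",
     "value": re.compile(r"(?i)\bwhoami\s+/all"), "severity": "medium"},
]

# Constructed process-execution events, as an endpoint agent might forward them.
EVENTS = [
    {"host": "ws01", "image": r"C:\Windows\System32\whoami.exe",
     "sha256": "0" * 64, "cmdline": "whoami /all"},
    {"host": "ws01", "image": r"C:\Temp\update.exe",
     "sha256": SAMPLE_TOOL_HASH, "cmdline": "update.exe --service"},
    {"host": "srv02", "image": r"C:\Windows\System32\notepad.exe",
     "sha256": "1" * 64, "cmdline": "notepad.exe readme.txt"},
    {"host": "srv03", "image": r"C:\Users\Public\m.exe",
     "sha256": "2" * 64,
     "cmdline": "m.exe privilege::debug sekurlsa::logonpasswords"},
]

SEVERITY_RANK = {"low": 0, "medium": 1, "high": 2}

# Response playbooks keyed by the worst severity seen on a host. Deliberately
# no power-off: a hard shutdown destroys memory-resident evidence that the
# investigation needs, so the "orderly" action is to preserve, then contain.
PLAYBOOKS = {
    "high": ["capture_memory", "collect_triage", "isolate_network"],
    "medium": ["collect_triage", "notify_soc"],
}


@dataclass
class Alert:
    host: str
    rule: str
    severity: str
    evidence: str


def match_events(events, rules):
    """Run every rule over every event; return one Alert per (event, rule) hit."""
    alerts = []
    for ev in events:
        for rule in rules:
            if rule["type"] == "sha256" and ev["sha256"].lower() == rule["value"]:
                alerts.append(Alert(ev["host"], rule["name"], rule["severity"], ev["image"]))
            elif rule["type"] == "cmdline" and rule["value"].search(ev["cmdline"]):
                alerts.append(Alert(ev["host"], rule["name"], rule["severity"], ev["cmdline"]))
    return alerts


def plan_response(alerts):
    """Collapse alerts to the worst severity per host and pick its playbook.

    Returns {host: [action, ...]}; hosts with no alerts are absent.
    """
    worst = {}
    for alert in alerts:
        current = worst.get(alert.host)
        if current is None or SEVERITY_RANK[alert.severity] > SEVERITY_RANK[current]:
            worst[alert.host] = alert.severity
    return {host: list(PLAYBOOKS[sev]) for host, sev in worst.items() if sev in PLAYBOOKS}


if __name__ == "__main__":
    found = match_events(EVENTS, RULES)
    for a in found:
        print(f"{a.host}: {a.rule} [{a.severity}] <- {a.evidence}")
    for host, actions in plan_response(found).items():
        print(f"{host}: {' -> '.join(actions)}")
```

On the sample data, ws01 trips both the recon pattern and the hash rule and srv03 trips the credential-dumping pattern, so both hosts get the high-severity playbook while srv02 is left alone. The playbook orders memory capture and triage collection before network isolation and never powers a host off: a shutdown is exactly what loses the volatile evidence needed to reconstruct "what was done", which is the outcome the comment hopes for.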
 
I find this discriminating!!! Now take away the word "Russian" and put in the word "Jewish" or "Chinese", and after that we would see the picture from a different angle: now it is either anti-Semitic or racist. After this preface we come to the article itself. There is no proof or any evidence of the Russian intelligence service being involved there, and again we come back to the preface of my comment: write something about the Chinese and there you have racism and people shouting: where is your proof? After that, when the Chinese got caught spying with all the evidence proving it, all the mass media started to defend them, and again no word "Chinese", but now the words "Chinese Communist Party" (CCP) appear. If we take a look at all the articles on the internet, and even on so-called liberal CNN, everywhere we see Russians as an ethnicity or countrymen, but not Putin or Putin's men, Putin's regime.
 
If the West gets hacked, then it has to be Russia or China. If Russia or China gets hacked, then it has to be the West. Nowadays you can fake just about anything. And the stupid people will believe and obey anything told on TV. There are many strategies in information war. Specially crafted news articles, social engineering, subliminal messages. Who's telling the truth, who do you TRUST?
And so what if your government has access to a 20-year supply of 0-day exploits? There's nothing you can ever do about it. By trading enough gold bars they'll always have a backdoor. Or they'll order the genocide of all intellectual people and the destruction of all libraries.
 
To be fair, the author wrote "FireEye limits its description of the attackers to being sponsored by a nation-state", and it is the New York Times article headline that states:
"FireEye, a Top Cybersecurity Firm, Says It Was Hacked by a Nation-State
The Silicon Valley company said hackers — almost certainly Russian — made off with tools that could be used to mount new attacks around the world."
Now who to trust? That's why I always liked the 'cigarette smoking man' in the X-files TV show. His lighter had an engraved motto "Trust No One"
 
> I find this discriminating!!! Now take away the word "Russian" and put in the word "Jewish" or "Chinese", and after that we would see the picture from a different angle: now it is either anti-Semitic or racist. After this preface we come to the article itself. There is no proof or any evidence of the Russian intelligence service being involved there, and again we come back to the preface of my comment: write something about the Chinese and there you have racism and people shouting: where is your proof? After that, when the Chinese got caught spying with all the evidence proving it, all the mass media started to defend them, and again no word "Chinese", but now the words "Chinese Communist Party" (CCP) appear. If we take a look at all the articles on the internet, and even on so-called liberal CNN, everywhere we see Russians as an ethnicity or countrymen, but not Putin or Putin's men, Putin's regime.

I mean it's literally being handled by Russia specialists at the FBI. But no, let's all play the racism card.

Come on, mate. There's a chance it could be someone else, sure, but don't get all stuffy about the signs pointing to it being Russia. Whether it's Russia, China, Iran, Israel, or whoever, it's always the usual suspects on the attack. Don't get your knickers in a twist.

And yes, the US, UK etc. are guilty of hacking them back, blah blah. It goes both ways. My point is, if someone says "it looks like Russia did it", then, believe it or not, it probably was Russia. Nothing to get offended about.
 
They're hardly going to admit it was some spotty 13 year old kid from the local high school are they?
 
Cybersecurity giant? FireEye is a joke! When I was an undergrad 7 years ago, I tutored a senior software engineer in Python; I highly doubt their engineering competence. Hacked by Russia, right, of course. It's probably some Indian fraud who used a fake resume to get a job at FireEye and wrote some crappy code, which left the product wide open to the world.
 
> I mean it's literally being handled by Russia specialists at the FBI. But no, let's all play the racism card.
>
> Come on, mate. There's a chance it could be someone else, sure, but don't get all stuffy about the signs pointing to it being Russia. Whether it's Russia, China, Iran, Israel, or whoever, it's always the usual suspects on the attack. Don't get your knickers in a twist.
>
> And yes, the US, UK etc. are guilty of hacking them back, blah blah. It goes both ways. My point is, if someone says "it looks like Russia did it", then, believe it or not, it probably was Russia. Nothing to get offended about.
No, no, don't you get it? US bad, everyone else good.
 
> I mean it's literally being handled by Russia specialists at the FBI. But no, let's all play the racism card.
>
> Come on, mate. There's a chance it could be someone else, sure, but don't get all stuffy about the signs pointing to it being Russia. Whether it's Russia, China, Iran, Israel, or whoever, it's always the usual suspects on the attack. Don't get your knickers in a twist.
>
> And yes, the US, UK etc. are guilty of hacking them back, blah blah. It goes both ways. My point is, if someone says "it looks like Russia did it", then, believe it or not, it probably was Russia. Nothing to get offended about.
You're pissing in the wind with these Dump Cultists.
 
> I mean it's literally being handled by Russia specialists at the FBI. But no, let's all play the racism card.
The investigation hasn't even begun, so the mere fact that the FBI chose their most experienced unit to start the investigation means little. Especially since any hacking nation or group skilled enough to do something like this can certainly muddy the trail with false clues left behind. A computer used in the attack appears to have an IP based in Russia? Or a Cyrillic-language keyboard code? These are trivial to spoof. These aren't basement amateurs, after all.

In the absence of confirmation through foreign intel, the only meaningful signs will be a generalized m.o. for the attack itself ... and that is highly circumstantial at best.
 