Nation-State Hackers Breached FireEye, Stole Its Red Team Tools
FireEye, a cybersecurity firm known for its incident response reports, announced yesterday that it had been breached by nation-state hackers, blaming Russia for the attack. The company is working with both law enforcement such as the FBI and Microsoft to investigate the attack and uncover more details. According to FireEye CEO Kevin Mandia, the attack was much different than the incidents FireEye had responded to throughout the years, adding that the attack seemed to be designed specifically for FireEye.
The nation-state hackers, according to Mandia, were highly trained and sophisticated, allowing them to tap into a new combination of techniques previously unseen such as methods that counter forensic examination and security tools. The attackers were able to obtain some of FireEye’s red team assessment tools that the company uses for customer engagements. Mandia is currently seeking to restrict any malicious use of the stolen tools, however, there is no sign of them being used in attack yet.