FireEye ranks among the biggest cybersecurity firms in the US. On December 8, the firm announced that it had been hacked, possibly by a state-sponsored group. It also said that the arsenal of hacking tools used to breach the defenses of its users had been stolen.

The FireEye hack is seen as one of the most significant breaches in recent times. The company holds many contracts across the national security space in the US and its allies, yet ironically its own security was breached. After the announcement, the company’s shares plunged 8% in after-hours trading.

The breach was disclosed in a public filing with the Securities and Exchange Commission (SEC). An official blog post from the firm stated that the “red team tools” were stolen in a highly sophisticated, possibly government-backed hacking operation that used brand new techniques.

It has not yet been determined when the hack happened. However, a person familiar with the incident said that the firm has been resetting user passwords in the last two weeks. Apart from the tool theft, the hackers also seemed to be highly interested in a segment of FireEye clients: government agencies.

Rep. Adam Schiff, the chair of the House Intelligence Committee, promised to ask for more information.

“We have asked the relevant intelligence agencies to brief the Committee in the coming days about this attack, any vulnerabilities that may arise from it, and actions to mitigate the impacts.”

The FireEye Hack Investigation

So far, no evidence has been found that FireEye’s hacking tools were used or that client data was stolen. Nonetheless, Microsoft and the Federal Bureau of Investigation (FBI) are helping with this investigation. Matt Gorham, the assistant FBI director for the Cyber Division, commented:

“The FBI is investigating the incident, and preliminary indications show an actor with a high level of sophistication consistent with a nation-state.”

One ex-Defense Department official said that Russia is high on the list of suspects. Notably, Russian interference was a prime concern in the run-up to the US presidential election. American officials even exposed some Russian hacking strategies at the time.

Other major security firms have also been hacked in the past, including RSA, Kaspersky Lab, and Bit9. These breaches underscore the challenges security teams face in keeping digital systems away from experienced and sophisticated hackers. A Western security official who insisted on anonymity said that many other security firms have also been breached.

The co-founder and former chief technology officer at CrowdStrike, Dmitri Alperovitch, stated:

“The goal of these operations is typically to collect valuable intelligence that can help them defeat security countermeasures and enable hacking of organizations all over the world.”

FireEye decided to explain what happened and what tools were taken to help others avoid getting hacked by the same group. The cybersecurity firm said that it is now working with various software makers on measures to defend systems against its tools. In that context, the firm released these countermeasures publicly.

How The Hackers Work

The hack revealed that the tools use modified versions of public programs, as explained by Vincent Liu, the CEO of security firm Bishop Fox. The stolen computer tools can be used to exploit many vulnerabilities in popular software products. FireEye CEO Mandia confirmed that none of the stolen red team tools exploited “zero-day vulnerabilities.” Thus, the relevant flaws should already be public.

Previous attacks on government contractors and agencies have managed to steal higher-value hacking tools. Eventually, some of these tools were made public, destroying their effectiveness as defenses are set up.

Both the CIA and NSA have been victimized this way in the past decade, and Russia is a prime suspect. Iranian and Russian tools have also been hacked and published recently. Furthermore, private surveillance software makers have not been spared.

Analysts and experts believe that it is challenging to estimate the effect of a tool leak that targets known software vulnerabilities, but it makes attackers’ jobs easier. Paul Ferguson, threat intelligence principal at security company Gigamon, said:

“Exploitation tools in the wrong hands will lead to more victimization of people who don’t see it coming, and there are already enough problems like that. We don’t need more exploitation tools floating around making it easier — look at ransomware.”

Whenever private firms discover a weakness in their software products, they create a ‘patch’ or an upgrade to nullify the issue. However, a majority of users do not install these patches instantly. Some even delay for many months or years, which exposes them to hackers.

About the author

Wanguba Muriuki is an Editor at Large for E-Crypto News and author of the book- "The Exploitative Intrigues of Cryptocurrency Scams Explained." He is also a passionate creator who sees every aspect of life from a written perspective. He loves Blockchain, Cryptocurrency, Technology, and Traveling. He is a widely experienced creative and technical writer. Everything and everyone is describable. The best description is written.
