Refined hackers have turned the tables on FireEye, a single of the world’s leading cybersecurity corporations, thieving digital resources that it utilizes to check its customers’ cyber defenses.
The New York Periods explained the “stunning theft,” which FireEye disclosed on Tuesday, was “akin to bank robbers who, obtaining cleaned out community vaults, then turned all over and stole the FBI’s investigative resources.”
“The hack of a leading cybersecurity company demonstrates that even the most refined businesses are vulnerable to cyberattacks,” explained Sen. Mark Warner, the ranking Democrat on the Senate Intelligence Committee.
FireEye CEO Kevin Mandia explained in a blog site put up that the firm thinks the attackers were being sponsored by “a nation with best-tier offensive capabilities” and made use of “a novel combination of techniques not witnessed by us or our associates in the past” to entry “certain Pink Crew assessment resources that we use to check our customers’ stability.”
“Consistent with a nation-state cyber-espionage exertion, the attacker generally sought info related to specified govt buyers,” he described.
According to the Periods, FireEye “has been the very first get in touch with for govt agencies and businesses all over the globe who have been hacked by the most refined attackers, or panic they may possibly be.”
The firm’s Pink Crew resources mimic the habits of several cyber danger actors and allow FireEye to present diagnostic stability expert services to its buyers. The hack was the major recognised theft of cybersecurity resources considering the fact that a group called ShadowBrokers attacked the Nationwide Stability Company in 2006.
Industry experts explained the thieves could use the Pink Crew resources to cover their possess tracks when they start long run attacks. But Mandia explained FireEye had seen no proof to date that any attacker has made use of them.
“We have realized and proceed to find out much more about our adversaries as a final result of this attack,” he explained.
Mike Chapple, a cybersecurity skilled at the University of Notre Dame and a previous Nationwide Stability Company official, called the FireEye breach “an extraordinarily important attack.”
“As a single of the world’s go-to cybersecurity corporations, FireEye has a ringside seat for some of the most refined breaches carried out around the globe,” he informed CNN Enterprise.