U.S. cyber security group FireEye reported Tuesday (8) that it suffered a major cyber attack, most likely spearheaded by government-sponsored hackers who stole powerful tools that the company uses to test its systems. Customers versus intruders.
The Silicon Valley company’s shares fell nearly 8% after trading after it detailed what it thought was a carefully targeted operation.
The company said the attackers gained access to its internal systems and “mainly sought information on specific government customers,” but they did not appear to have stolen their customers’ data.
Attackers have successfully obtained tools from FireEye’s “red team,” a group of employees who break into customer networks to highlight vulnerabilities, the report said.
The company declined to attribute the attack to any country, but concluded that it was led by a “nation with world-class offensive capabilities”.
The news marks a rare and embarrassing case of a well-known cybersecurity provider being breached, and increases the chance that hackers will now use the red team’s tools to attack others.
FireEye said it had no evidence that the stolen tools were used by the attackers, but released more than 300 “countermeasures” to help its customers and others protect themselves.
The company added that none of the stolen tools contained “zero-day exploits” – vulnerabilities that have never been publicly identified and for which there are no fixes.
FireEye said it is investigating the theft with the help of the FBI and other groups, including Microsoft.
“Based on my 25 years of cybersecurity and incident response experience, I have come to the conclusion that we are witnessing an attack by a nation with high level offensive capabilities,” said Kevin Mandia, FireEye chief executive officer.
“This attack is different from the tens of thousands of incidents that we have responded to over the years. They were covertly deployed and used techniques that targeted security tools and forensic investigations. They used a new combination of techniques that neither was ours have been observed by our partners. in the past. “
Matt Gorham, assistant director of the FBI’s cyber division, said the agency was investigating the incident and found that the level of sophistication was “compatible with a nation-state.”
Translation by Luiz Roberto M. Gonçalves