BELOW SUPERNAV drop zone ⇩

U.S. cybersecurity firm FireEye discloses breach, theft of internal hacking tools

Kevin Mandia, CEO of FireEye, testifies on Russian Intelligence Activities during US elections during a Senate Select Committee on Intelligence hearing on Capitol Hill in Washington, DC, March 30, 2017. / AFP PHOTO / SAUL LOEB

MAIN AREA TOP drop zone ⇩

(Reuters) — FireEye, one of the largest cybersecurity companies in the United States, said on Tuesday that it has been hacked, possibly by a government, leading to the theft of an arsenal of internal hacking tools typically reserved to privately test the cyber defenses of their own clients.

The hack of FireEye, a company with an array of business contracts across the national security space both in the United States and its allies, is among the most significant breaches in recent memory.

The FireEye breach was disclosed in a blog post authored by CEO Kevin Mandia. The post said “red team tools” were stolen as part of a highly sophisticated, likely “nation-state” hacking operation. It is not clear exactly when the hack initially took place.

Beyond the tool theft, the hackers also appeared to be interested in a subset of FireEye customers: government agencies.

“We hope that by sharing the details of our investigation, the entire community will be better equipped to fight and defeat cyber attacks,” Mandia wrote.

The company itself has partnered in recent weeks with different software makers to share defensive measures.

There is no evidence yet that FireEye’s hacking tools have been used or that client data was exfiltrated. But the investigation, which includes help from the Federal Bureau of Investigation and Microsoft Corp, is in its early phases.

“This incident demonstrates why the security industry must work together to defend against and respond to threats posed by well-funded adversaries using novel and sophisticated attack techniques,” a Microsoft spokesperson said.

The FBI did not immediately respond to a request for comment.

The stolen computer espionage kit targets a myriad of different vulnerabilities in popular software products. It is not yet clear exactly which systems may be affected.

But Mandia wrote that none of the red team tools exploited so-called “zero day vulnerabilities,” meaning the relevant flaws should already be public.

Experts say it can be difficult to measure the impact of a hacking tool leak which focuses on known software vulnerabilities. Whenever a private company becomes aware of a vulnerability in their software product they often try to offer a “patch” or upgrade that nullifies the issue. Yet users do not always download these patches quickly, leaving themselves exposed for months or weeks.

“We are not sure if the attacker intends to use our Red Team tools or to publicly disclose them,” Mandia wrote.

(Reporting by Christopher Bing; Editing by Lisa Shumaker)

© Copyright Thomson Reuters 2020

U.S.

Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed

MAIN AREA MIDDLE drop zone ⇩

Trending on NewsNation

MAIN AREA BOTTOM drop zone ⇩

tt

KC Chiefs parade shooting: 1 dead, 21 shot including 9 kids | Morning in America

Witness of Chiefs parade shooting describes suspect | Banfield

Kansas City Chiefs parade shooting: Mom of 2 dead, over 20 shot | Banfield

WWE star Ashley Massaro 'threatened' by board to keep quiet about alleged rape: Friend | Banfield

Friend of WWE star: Ashley Massaro 'spent hours' sobbing after alleged rape | Banfield

Partly Cloudy

la

61°F Partly Cloudy Feels like 61°
Wind
5 mph SW
Humidity
56%
Sunrise
Sunset

Tonight

Partly cloudy early followed by cloudy skies overnight. Low 49F. Winds light and variable.
49°F Partly cloudy early followed by cloudy skies overnight. Low 49F. Winds light and variable.
Wind
4 mph N
Precip
1%
Sunset
Moon Phase
Waning Crescent