FireEye hit by suspected cyber attack from state actor

US cybersecurity firm FireEye has said that it has sustained a cybersecurity attack, likely from a state actor.

The intelligence security company professes an emphasis on intelligence as well as technology in the fight against cyber attacks, with its unified security platform, Helix, that evolves and updates with the knowledge it has gained to respond to new breaches.

It is usually not the subject of attackers aims, with its investigative services having been employed in the cases of attacks against organisations including JP Morgan Chase and Sony Pictures.

The date of the hack was not disclosed, with FireEye only saying “recently”. The attack resulted in “Red Team assessment tools”, which FireEye uses to test its clients’ defences, being stolen, and led to an 8% drop in its share price. Also

In a blog post, CEO Kevin Mandia said: “Recently, we were attacked by a highly sophisticated threat actor, one whose discipline, operational security, and techniques lead us to believe it was a state-sponsored attack. Our number one priority is working to strengthen the security of our customers and the broader community.”

“Based on my 25 years in cyber security and responding to incidents, I’ve concluded we are witnessing an attack by a nation with top-tier offensive capabilities. This attack is different from the tens of thousands of incidents we have responded to throughout the years. The attackers tailored their world-class capabilities specifically to target and attack FireEye. They are highly trained in operational security and executed with discipline and focus. They operated clandestinely, using methods that counter security tools and forensic examination. They used a novel combination of techniques not witnessed by us or our partners in the past.”

The company said it was working with partners including the FBI and Microsoft to investigate, and monitor whether the stolen tools are put to malicious use, while also releasing preventative countermeasures.

The news comes after IBM researchers discovered that the cold supply chain used to deliver COVID-19 vaccines was being targeted by hackers.