Hacking The Hackers
FireEye made the shocking disclosure Tuesday that it suffered a security breach in what’s believed to be a state-sponsored attack designed to gain information on some of the company’s government customers. The attacker was able to access some of FireEye’s internal systems but apparently didn’t exfiltrate data from the company’s primary systems that store customer information, the threat intelligence vendor said.
The threat actor, however, stole FireEye’s Red Team security assessment tools, and FireEye said it isn’t sure if the attacker plans to use the stolen tools themselves or publicly disclose them. News of this unprecedented hack sent FireEye’s stock down $1.12 (7.22 percent) per share to $14.40 in after-hours trading Tuesday, which is the lowest the company’s stock has traded since Nov. 19.
This isn’t the first nation-state attack against a cybersecurity vendor or even the first hacker to get access to FireEye corporate documents. The attackers were focused on folks doing work across many different governments and not just the U.S. government, FireEye CEO Kevin Mandia told investors Wednesday. But it is the first time in many years that powerful hacking tools have landed in the hands of adversaries.
From who’s suspected to be behind the FireEye hack and how they remained hidden to what FireEye and intelligence officials are doing to minimize the collateral damage, here’s a look at what partners need to know about this earth-shaking attack.
Source:
https://www.crn.com/slide-shows/security/8-big-things-to-know-about-the-state-sponsored-fireeye-hack