To file in the “no one is immune from a sophisticated attack,” category, well-known and respected security firm FireEye publicly announced this week that it has experienced an attack by a state-sponsored (which means a foreign government) hacking group, which successfully obtained its “red team tools.” This is very concerning, as the red team tools include the “special sauce” FireEye uses to test its clients’ security maturity and vulnerabilities, and could be used as a roadmap for adverse nation states to hack into the U.S. government’s or private companies’ systems.
Kudos to FireEye for making this public so the U.S. government, critical infrastructure and private companies can be on the alert for the tools to be used against them. FireEye has stated that it is working on over 300 countermeasures to assist in combatting the use of its proprietary tools by these adverse threat actors.
Unfortunately, this incident is a cold, hard, awful reminder that even the most sophisticated security firm can become the victim of a cyberattack, and since that is the case, all companies are at extreme risk of an attack and exfiltration of data.
FireEye appears poised to assist in combatting the effects of the incident, so keep a close eye on those measures. We will keep you updated as well.