Cybersecurity firm FireEye claims it was hacked by nation state
BOSTON » Prominent U. S. cybersecurity firm FireEye said Tuesday that it was hacked by what could only be a government with “world- class capabilities,” and the hackers stole tools the company uses to test the strength of customers’ defenses.
“I’ve concluded we are witnessing an attack by a nation with top-tier offensive capabilities,” FireEye CEO Kevin Mandia said in a statement. “This attack is different from the tens of thousands of incidents we have responded to throughout the years.”
He did not indicate who might be responsible or say when the company detected the hack. Phone calls to company officials were not immediately returned
The stolen “red team” tools could be dangerous in the wrong hands, though FireEye said there’s no indication they have been used. The company said it developed 300 countermeasures to protect customers and others from them and was making them immediately available.
The hackers “primarily sought information related to certain government customers,” Mandia said, without naming them. He said there was no indication that customer information obtained from FireEye’s consulting or incident-response businesses were accessed by the hackers.
Based in Milpitas, California, the publicly traded cybersecurity company has been at the forefront of investigating sophisticated state-backed backing groups, including Russian groups trying to break into state and local governments in the U.S. that administer elections. It counts many of those state and local governments among its customers.
Among attributions credited to FireEye was that Russian military hackers were behind 2015 and 2016 mid-winter attacks on Ukraine’s energy grid.
FireEye said it is investigating the attack in coordination with the FBI and other partners such as Microsoft, which has its own cybersecurity team.