The Biggest Cyber-Security Firm in the World (Hacked)

What do you do when your company is one of the biggest cyber-security firms in the world and you get hacked? Do you try to fix the damages that have been done while trying to keep the whole thing a secret or do you let the world know? By setting a prime example of true heroism, FireEye had chosen to responsibly inform the world of the incident by disclosing it on December 8, 2020, soon after the actual breach. FireEye investigators discovered that hackers had penetrated the defenses and stolen trademark software that was unique to them along with finding trails that the intruders were searching for government official related records and documents. With no concrete evidence, all fingers are pointing towards one particular APT (Advanced Persistent Threat). Russia.

The software tools that were stolen from FireEye were not everyday normal user programs. They were uniquely built "red-team" hacking tools that FireEye would use to assess client networks and websites. Basically, the hackers took the tools that FireEye would use when they wanted to demonstrate a live hacking scenario for a client. This is terrible. This is also why FireEye has been working diligently to ensure that the IT community and the world know about what attacks with their tools might look like. Also stated, the tools that FireEye used did not contain any "zero-days" (unknown exploits). This means that what the hackers had gotten from the tools was already something that was available. All of the exploits inside of the tools are known exploits and nothing that the world hasn't seen before in terms of known vulnerabilities.

Could you imagine what it would take to make the call of announcing that your company, whose main job is to defend information security, had just been breached? To some, that is like shooting yourself in the foot. To FireEye, this is called doing your part.

Thanks for reading! If you enjoyed what you read, be sure to check out the other articles.

Below you can check out the Fireye website to view their cyber-security services.

FireEye Website: https://www.fireye.com/