Your Web News in One Place

Help Webnuz

Referal links:

Sign up for GreenGeeks web hosting
December 8, 2020 10:50 pm

FireEye, a Top Cybersecurity Firm, Says It Was Hacked By a Nation-State

An anonymous reader quotes a report from The New York Times : For years, the cybersecurity firm FireEye has been the first call for government agencies and companies around the world who have been hacked by the most sophisticated attackers, or fear they might be. Now it looks like the hackers -- in this case, evidence points to Russia's intelligence agencies -- may be exacting their revenge. FireEye revealed on Tuesday that its own systems were pierced by what it called "a nation with top-tier offensive capabilities." The company said hackers used "novel techniques" to make off with its own tool kit, which could be useful in mounting new attacks around the world. It was a stunning theft, akin to bank robbers who, having cleaned out local vaults, then turned around and stole the F.B.I.'s investigative tools. In fact, FireEye said on Tuesday, moments after the stock market closed, that it had called in the F.B.I. The $3.5 billion company, which partly makes a living by identifying the culprits in some of the world's boldest breaches -- its clients have included Sony and Equifax -- declined to say explicitly who was responsible. But its description, and the fact that the F.B.I. has turned the case over to its Russia specialists, left little doubt who the lead suspects were and that they were after what the company calls "Red Team tools." These are essentially digital tools that replicate the most sophisticated hacking tools in the world. FireEye uses the tools — with the permission of a client company or government agency -- to look for vulnerabilities in their systems. Most of the tools are based in a digital vault that FireEye closely guards. The hack raises the possibility that Russian intelligence agencies saw an advantage in mounting the attack while American attention -- including FireEye's -- was focused on securing the presidential election system. At a moment that the nation's public and private intelligence systems were seeking out breaches of voter registration systems or voting machines, it may have a been a good time for those Russian agencies, which were involved in the 2016 election breaches, to turn their sights on other targets. The hack was the biggest known theft of cybersecurity tools since those of the National Security Agency were purloined in 2016 by a still-unidentified group that calls itself theShadowBrokers. [...] The N.S.A.'s tools were most likely more useful than FireEye's since the U.S. government builds purpose-made digital weapons. FireEye's Red Team tools are essentially built from malware that the company has seen used in a wide range of attacks. Still, the advantage of using stolen weapons is that nation-states can hide their own tracks when they launch attacks.

Read more of this story at Slashdot.


Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/QgFPus_IBPs/fireeye-a-top-cybersecurity-firm-says-it-was-hacked-by-a-nation-state

Share this article:    Share on Facebook
View Full Article

Slashdot

Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..

More About this Source Visit Slashdot