FireEye has been Hacked

California based cyber security company FireEye was set up in 2004 and specialises in investigating cyber-attacks against companies all over the world.

In the past few days, however, the CEO Kevin Madia has announced the company has fallen victim to an alleged ‘State Sponsored’ cyber-attack.

FireEye says that the attack was done by a “highly sophisticated threat actor”. The attack tried to gain information related to government customers. The attacker is not currently known; however, the firm and the FBI are now investigating.

When a cybersecurity company gets hacked themselves it not only damages their reputation but raises large concerns among experts and the defence industry. An attack such as this would have been highly organised and carried out by a very knowledgeable and expert hacking team. This is what has prompted the firm to comment that it was believed to be state sponsored. This means that a rival country to the US may have been the perpetrator for this attack to receive intel for their personal gain. When attacks such as these are backed by such money and power, they can often be impossible to protect against, even for a cyber security firm.

FireEye’s CEO has commented in a recent blog regarding the attack.

“Based on my 25 years in cyber security and responding to incidents, I’ve concluded we are witnessing an attack by a nation with top-tier offensive capabilities,” and that the hack was “different from the tens of thousands of incidents we have responded to throughout the years.”

“The attackers tailored their world-class capabilities specifically to target and attack FireEye.”

“They used a novel combination of techniques not witnessed by us or our partners in the past.”

Although it cannot be confirmed yet, it is assumed that Russia is among the suspects. After this attack, FireEye knows that data and hacking tools that they developed has been stolen however this does mean that they know how to defend against it if it is turned on anyone else.