Skip to main content
close search
site logo
Dive Brief

FireEye attacked by tailored, nation-state cyber effort, firm says

Published Dec. 8, 2020
Katie Malone's headshot
Associate Editor
cyberattack, privacy, connection
Stock Photo via Getty Images

Dive Brief:

  • FireEye, a security company aimed at detecting and preventing cyberattacks, suffered a "highly sophisticated cyber threat actor," according to a Form 8-K disclosure the business filed with the Securities and Exchange Commission. 
  • CEO Kevin Mandia, the Federal Bureau of Investigation and other partners such as Microsoft deduced that a state-sponsored actor "with top-tier offensive capabilities" led an espionage-motivated attack. Attackers targeted FireEye's Red Team assessment tools used to test security, primarily seeking information on the company's government customers. 
  • FireEye reports no evidence that the attacker used stolen tools or exfiltrated data. The company is providing over 300 countermeasures to customers and its community at large to minimize potential damage, according to the report. 

Dive Insight:

FireEye prides itself on "relentless protection" and a track record of detecting new cyberthreat groups, but a target on its back for its government contracts hit an Achilles' heel. 

"Consistent with a nation-state cyber-espionage effort, the attacker primarily sought information related to certain government customers," Mandia wrote in a company blog post. While the attacker accessed internal systems, FireEye reiterates no data infiltration from it's incident response, consulting engagements or metadata systems. 

But the incident could sow doubt in customers. If a cybersecurity firm can't protect itself, how can clients be sure it'll keep them safe?

On average, companies take 280 days to detect and contain a breach — closer to 315 days if that breach is rooted in malicious attacks, according to data from IBM and Ponemon Institute. Remote work slows response time and as FireEye looks ahead to recovery and mitigation, it's actions will determine if the company can rebuild customer trust. 

Companies such as Home Depot, for example only recently reached resolution on a 2014 data breach. The company guaranteed payouts and to employ a chief information security officer as a part of mitigation efforts. 

FireEye is detailing it's response measures publicly on GitHub and plans to keep customers updated as new measures occur, according to the company. "We have learned and continue to learn more about our adversaries as a result of this attack, and the greater security community will emerge from this incident better protected," Mandia said. 

Filed Under: Cyberattacks

Editors' picks

Company Announcements

View all | Post a press release
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
Editors' picks
Latest in Cyberattacks
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell