Cybersecurity firm FireEye says it was breached, hacking tools stolen

FireEye, one of the largest cybersecurity companies in the world, said on Tuesday that it had been hacked, likely by a nation-state actor, Reuters reported.

A blog post by the company said “red team tools” were stolen as part of a highly sophisticated, hacking operation that used previously unseen techniques. Red team tools are hacking devices that replicate the most sophisticated hacking tools used by cybercriminals. Cybersecurity firms use these tools to test vulnerabilities of clients’ systems, with permission.

FireEye helps protect various government and private organisations all over the world. It is unclear what the breach means for customers’ defences at this time.

Read: Firms reel from social engineering attacks

The FireEye breach was disclosed in a public filing with the Securities and Exchange Commission citing CEO Kevin Mandia. The company’s shares dropped 8 per cent in after-hours trading in New York.

Suspicion immediately fell on Russia, based on sophistication and history. “The FBI is investigating the incident and preliminary indications show an actor with a high level of sophistication consistent with a nation-state,” said Matt Gorham, assistant FBI director for the Cyber Division told Reuters.

FireEye joins other cybersecurity companies that have suffered similar heists, including Bit9, Kaspersky Lab and RSA.

The biggest known theft of cybersecurity tools was the US’s National Security Agency where a group known as ShadowBrokers stole the agency’s hacking tolls and dumped them online. North Korea and Russia ultimately used the stolen arsenal in destructive attacks on government agencies, hospitals and the world’s biggest companies — at a cost of more than $10bn.