The cybersecurity company FireEye, the largest in the United States and based in Silicon Valley, announced last Tuesday that it had suffered an attack and that its systems had been hacked by a state actor or, as the company put it, “a nation with first-class offensive capabilities”.
This was detailed in a post published on the company's website by its CEO, Kevin Mandia, who also indicated that “they have used a combination of very novel techniques that they had never seen before.”
Kevin Mandia also indicated: “Based on my 25 years of experience in cybersecurity, I conclude that we are facing an attack perpetrated by a country with first-rate offensive capacity. This attack is unlike the tens of thousands of incidents we have had to respond to over the years.”
The Russian intelligence service SVR has been identified by the press as the main suspect in the attack. In addition to FireEye itself, Microsoft and the Federal Bureau of Investigation (FBI) are also participating in the investigation.
The hackers tried to obtain information on government clients, although there has been no indication so far that they succeeded. What they did steal were the company's tools, products that the firm uses to detect weaknesses in its clients' networks and remedy them, which could now be used for the opposite purpose: detecting those weaknesses and attacking them.
“We do not know if the attackers plan to use our tools or make them available to the public; we are launching hundreds of countermeasures to protect the community against them,” FireEye indicated. The company has therefore made its Red Team tool countermeasures publicly available on GitHub, to prevent the stolen tools from being used for illegal acts.
Mandia again indicated: “We are proactively launching methods and means to detect the use of our stolen Red Team tools.”
The Internet is the key place to obtain information. This is not the first cyber espionage operation, nor will it be the last, even more so in the current situation, where most companies have opted for teleworking and have moved their applications to the cloud.