Site navigation

Cybersecurity Specialist FireEye Targeted by Sophisticated Threat Actors

David Paul



It is not yet known who carried out the attack, but the firm believes it is “consistent with a nation-state cyber-espionage effort”.

A major cybersecurity firm based in the US has been targeted by hackers believed to be state-backed.

California based FireEye said the hackers targeted its ‘red team tools’, which the firm uses to test the cyber-defences of its clients.

The tools behave as cyber threat actors, which enable FireEye to provide diagnostic security services. The firm says it is unsure whether the hackers have yet to use the tools.

As a precaution, FireEye has developed 300 countermeasures for its customers to use in order to “minimise the potential impact of the theft of these tools”.

Currently, the identity of the hackers remains unknown, but in a blog, FireEye CEO Kevin Mandia said that the evidence points to a sophisticated, state-backed effort.

“Based on my 25 years in cybersecurity and responding to incidents, I’ve concluded we are witnessing an attack by a nation with top-tier offensive capabilities,” Mandia said.

“This attack is different from the tens of thousands of incidents we have responded to throughout the years. The attackers tailored their world-class capabilities specifically to target and attack FireEye.

“They are highly trained in operational security and executed with discipline and focus. They operated clandestinely, using methods that counter security tools and forensic examination. They used a novel combination of techniques not witnessed by us or our partners in the past.”

In response to the attack, Mandia said the company was “actively investigating in coordination with the Federal Bureau of Investigation and other key partners”, and that initial analysis “supports our conclusion that this was the work of a highly sophisticated state-sponsored attacker utilising novel techniques.”


FireEye itself specialises in cybersecurity protection services. The highly regarded firm is used by businesses and governments around the world to protect them from hacking.

This makes this latest attack, one of many so far this year, particularly jarring as so many other companies rely on FireEye for their cybersecurity.

Hackers appear to be becoming increasingly bold, particularly during the Covid-19 pandemic. Just last week it was announced that hackers, also showing hallmarks of state-backing, targeted the cold supply distribution network for the coronavirus vaccine.

It is believed that the attackers sought access to the network to learn of how mass supply would be carried out. As well as this, Russian and North Korean state hackers have been ramping up attempts to steal vital Covid-19 vaccine research. Microsoft says it has detected several attempts by state-sponsored hackers.

In response to these types of cybersecurity threats, the IFB has launched a threat intelligence service designed to help firms to identify vulnerabilities across their digital business.

David Paul

Staff Writer, DIGIT

Latest News

%d bloggers like this: