FireEye cyberattack poses a major threat to global security

Edward Kost
December 8, 2020

FireEye, a global cyber threat defense agency, has fallen victim to the most Machiavellian cyberattack of 2020.

In its official statement on the incident, FireEye revealed that the hackers were state-sponsored, though it did not identify which state.

“Recently, we were attacked by a highly sophisticated threat actor, one whose discipline, operational security, and techniques lead us to believe it was a state-sponsored attack,” they said.

The “highly sophisticated” classification of this breach is an understatement. FireEye is not a conventional business unaware of cyber-threat tactics. It’s a $3.5 billion cybersecurity company that has developed a global reputation for defending government agencies against the most advanced cyberattacks.

The methods of a successful attack against a global leader in cybersecurity would need to eclipse even the most advanced penetration techniques known by experts. FireEye openly admitted its surprise at the attack technique used.

“They operated clandestinely, using methods that counter security tools and forensic examination. They used a novel combination of techniques not witnessed by us or our partners in the past.”

When cyber attackers penetrate an esteemed business, their motivations are primarily avaricious. Ransomware attacks are usually launched to encrypt sensitive business data, which is then leaked to the dark web if the ransom is not paid.

But in this instance, the attackers were not interested in a broad extortion effort. This attack targeted a specific set of tools internally developed by FireEye.

“During our investigation to date, we have found that the attacker targeted and accessed certain Red Team assessment tools that we use to test our customers’ security,” FireEye said in their statement.

These ‘Red Team assessment tools’ empower FireEye to discover any cyber threat vulnerabilities within an organization by mimicking the behavior of a range of malicious cyber threats.

In the hands of what seems to be the most sophisticated attackers to date, these tools could remove any evidence that could connect cybercriminals to their crimes.

Given FireEye’s acute understanding of complex global threats, cybercriminals could use these tools to penetrate high-profile targets without leaving incriminating evidence.

The implications of this data breach are difficult to estimate. Whether the cybercriminals only use FireEye’s Red Team tools for their personal motives or make them freely available on the dark web, this event could develop into a very significant threat to global security.

How secure is FireEye?

FireEye is a publicly-traded cybersecurity company headquartered in Milpitas, California. It has been involved in the detection and prevention of major cyber attacks.