(CALIFORNIA) #Cyberattack Report: Revelation in ‘Press Release’ on Tuesday that the $3.5-billion company that helps protect companies has been hacked by a nation-state that is being investigated by the FBI #AceNewsDesk report

#AceNewsReport – Dec.13: FireEye, a $3.5 billion company that helps customers respond to some of the world’s most sophisticated cyberattacks, has itself been hacked, most likely by a well-endowed nation-state that made off with “red-team” attack tools used to pierce network defences. The revelation, made in a press release posted after the close of stock markets on Tuesday, is a significant event. With a market capitalisation of $3.5 billion and some of the most seasoned employees in the security industry, the company’s defenses are formidable. Despite this, attackers were able to burrow into FireEye’s heavily fortified network using techniques no one in the company had ever seen before.

Premiere security firm FireEye says it was breached by nation-state hackers

The FBI, normally mum on such matters, says it is investigating the hack.

Dan Goodin – Ars Technica: 12/8/2020, 10:08 PM:

The hack also raises the specter that a group that was already capable of penetrating a company with FireEye’s security prowess and resources is now in possession of proprietary attack tools, a theft that could make the hackers an even greater threat to organizations all over the world. FireEye said the stolen tools didn’t include any zero-day exploits. FireEye shares fell about 7 percent in extended trading following the disclosure.

So far, the company has seen no evidence that the tools are actively being used in the wild and isn’t sure if the attackers plan to use them. Such tools are used by so-called red teams, which mimic malicious hackers in training exercises that simulate real-world hack attacks. FireEye has released a trove of signatures and other countermeasures that customers can use to detect and repel the attacks in the event that the tools are used. Some researchers who reviewed the countermeasures said they appeared to show that the tools weren’t particularly sensitive.

Tuesday’s release was written by FireEye CEO Kevin Mandia. He wrote:

Based on my 25 years in cyber security and responding to incidents, I’ve concluded we are witnessing an attack by a nation with top-tier offensive capabilities. This attack is different from the tens of thousands of incidents we have responded to throughout the years. The attackers tailored their world-class capabilities specifically to target and attack FireEye. They are highly trained in operational security and executed with discipline and focus. They operated clandestinely, using methods that counter security tools and forensic examination. They used a novel combination of techniques not witnessed by us or our partners in the past.

We are actively investigating in coordination with the Federal Bureau of Investigation and other key partners, including Microsoft. Their initial analysis supports our conclusion that this was the work of a highly sophisticated state-sponsored attacker utilizing novel techniques.

The attacker primarily sought information related to some of FireEye’s government customers, but it’s not clear yet if they succeeded. Mandia said FireEye has found no evidence that the hackers exfiltrated data from the company’s primary systems that store customer information from incident responses or consulting engagements. There’s also no evidence that the attackers obtained metadata collected by threat-intelligence products.

FireEye provided no details about the origin of the attackers beyond saying the evidence strongly suggested they were sponsored by a nation-state. The New York Times reported that the FBI has turned over the investigation to its Russian specialists, suggesting that the Kremlin is behind the hack.

The Washington Post went one step further, citing an unnamed source who said the hack appeared to be the work of the Russian SVR intelligence service. If true, that means the hackers belong to a group that goes under a variety of monikers, including APT 29, Cozy Bear, and the Dukes. The group, which was one of two Russian hacking outfits that breached the Democratic National Committee in 2016, is tied to the country’s according to security firm CrowdStrike.

The FBI rarely confirms investigations, even when they’re already reported by the victims. On Tuesday, however, Matt Gorham, the assistant director of the FBI’s cyber division, issued a statement that read in part: “The FBI is investigating the incident and preliminary indications show an actor with a high level of sophistication consistent with a nation state.”

Meanwhile, Sen. Mark R. Warner (D-VA), the vice chairman of the Senate Select Committee on Intelligence and Co-Chair of the Senate Cybersecurity Caucus, issued a statement that said: “The hack of a premier cybersecurity firm demonstrates that even the most sophisticated companies are vulnerable to cyber-attacks. I applaud FireEye for quickly going public with this news, and I hope the company’s decision to disclose this intrusion serves as an example to others facing similar intrusions.”

FireEye is hardly the only security firm that has suffered a damaging hack. In 2011, RSA said it was hit by a breach that allowed attackers to steal data that “could potentially be used to reduce the effectiveness of a current two-factor authentication implementation,” a statement that suggested the information related to the company’s SecurID product, used by 40 million people at the time, had been targeted.

#AceNewsDesk report. Published: Dec.13: 2020
