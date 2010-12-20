from the steal-from-the-best dept.
Premier security firm FireEye says it was breached by nation-state hackers:
FireEye, a $3.5 billion company that helps customers respond to some of the world's most sophisticated cyberattacks, has itself been hacked, most likely by a well-endowed nation-state that made off with "red-team" attack tools used to pierce network defenses.
The revelation, made in a press release posted after the close of stock markets on Tuesday, is a significant event. With a market capitalization of $3.5 billion and some of the most seasoned employees in the security industry, the company's defenses are formidable. Despite this, attackers were able to burrow into FireEye's heavily fortified network using techniques no one in the company had ever seen before.
The hack also raises the specter that a group that was already capable of penetrating a company with FireEye's security prowess and resources is now in possession of proprietary attack tools, a theft that could make the hackers an even greater threat to organizations all over the world. FireEye said the stolen tools didn't include any zero-day exploits. FireEye shares fell about 7 percent in extended trading following the disclosure.
So far, the company has seen no evidence that the tools are actively being used in the wild and isn't sure if the attackers plan to use them. Such tools are used by so-called red teams, which mimic malicious hackers in training exercises that simulate real-world hack attacks. FireEye has released a trove of signatures and other countermeasures that customers can use to detect and repel the attacks in the event that the tools are used. Some researchers who reviewed the countermeasures said they appeared to show that the tools weren't particularly sensitive.
Also at www.schneier.com and www.securityweek.com
(Score: 1) by HammeredGlass on Thursday December 10, @05:45PM
losing its radio stuff and woowee.
(Score: 2) by legont on Thursday December 10, @06:18PM
I am sure only space aliens could hack such a great security company.
"Wealth is the relentless enemy of understanding" - John Kenneth Galbraith.
(Score: 2) by Mojibake Tengu on Thursday December 10, @06:23PM
So. FireEye Red Team (yes, they spell it thusly, not "red-team") was the original creator of the malware, isn't it?
How typical business model in all the antivirus industry, first, create some risk or danger and then monetize the protection.
Now the attacker, whoever she is, holds all the proofs, so FE had to wash out by stating they only modified some existing public tools below detection level and now disclosed them to the community to provide the detection:
https://github.com/fireeye/red_team_tool_countermeasures
If they were honest and candid, they'd have done this not just 14 hours ago, but a very long time ago.
And the market acknowledges their business model is now shattered to pieces.
1st Rule of Hacking: You can't replace a true code genius by a team, corporation or military unit.
