One of the largest security companies in the world, the FireEye announced that he had fallen victim an "extremely advanced threat factor", which acquired access within its internal network and stole the tools hacking which it uses to test its customer networks.
According to Mandia, the attacker is an "extremely sophisticated hacker"whose discipline, operational security and techniques lead us to believe that it was a state - funded attack."
"This attack "It's different from the tens of thousands of incidents we've dealt with over the years," added the FireEye executive.
"The attackers adapted their skills specifically to target and attack FireEye. "They are highly trained in business security and operate with discipline and focus."
"They moved secretly, using methods that offset the security tools. "They used a new combination of techniques that neither we nor our partners have encountered again."
FireEye contacted Microsoft products for help with the incident, and notified Federal Office of Research and this also helps the company.
Because FireEye believes intruders got their hands on custom penetration testing tools, it now shares IOC and countermeasures in her account at GitHub. The data from GitHub will help other companies find out if hackers used any of FireEye's stolen tools to break into their networks.
FireEye is not the first major security company to be attacked by a group of state-owned hackers, as similar attacks have killed Kaspersky in 2015, RSA Security in 2011, but also Avast in 2017 and 2019.
Most cybersecurity professionals have shown their support for the company and praised FireEye for quickly revealing the incident.