FireEye, a $3.5 billion company that helps customers respond to some of the world’s most sophisticated cyberattacks, has itself been hacked, most likely by a well-endowed nation-state that made off with “red-team” attack tools used to pierce network defenses.
The revelation, made in a press release posted after the close of stock markets on Tuesday, is a significant event. With a market capitalization of $3.5 billion and a some of the most seasoned employees in the security industry, the company’s defenses are formidable. Despite this, attackers were able to burrow into FireEye’s heavily fortified network using techniques no one in the company had ever seen before.
The hack also raises the specter that a group that was already capable of penetrating a company with FireEye’s security prowess and resources is now in possession of proprietary attack tools, a theft that could make the hackers an even greater threat to organizations all over the world. FireEye said the stolen tools didn’t included any zeroday exploits. FireEye shares fell about 7 percent in extended trading following the disclosure.