Join our subscribers
US Security Firm FireEye Hacked By ‘Nation-State’ Attacker
Thursday, December 10, 2020
But at least one security expert said the attack raised many questions, and FireEye has a duty to be completely transparent about the incident.
“The incident seems to be quite mysterious and obscure,” Ilia Kolochenko from ImmuniWeb told Silicon UK. “On one side, FireEye readily talks about a ‘highly sophisticated state-sponsored adversary’, on the other, says that ‘no 0days’ or otherwise highly valuable data was stolen.”
“Why would a nation-state APT ever bother to expose their own 0days and advanced hacking techniques to get a collection of semi-public Red Teaming tools?” he asked.
“A wide spectrum of vital questions likewise remains unanswered: when did this incident happen, which systems are impacted, what are the chances that clients’ data was compromised?” Kolochenko said.
“We cannot exclude a probability that this specific incident was merely a smokescreen aimed to distract FireEye from a more important attack targeting clients’ data or ultra-confidential private research,” he concluded. “More transparency is expected from FireEye to dispel the doubts and bring clarity.” Read Full Article
Computing: Criminals steal hacking tools from security firm FireEye
ITWeb: Top US cyber security firm FireEye hit by 'state-sponsored adversary'
