Russia Hacked Cybersecurity Tools From Top U.S. Security Firm – FireEye


Russian intelligence appears to have hacked and stolen cybersecurity tools from one of the world’s top cyber defense firms, the U.S. company FireEye. This is significant because governments and businesses worldwide have relied on the $3.5 billion cyber defense company when responding to the most sophisticated cyber attackers.

According to the New York Times, FireEye revealed that its computer systems were breached by what it called “a nation with top-tier offensive capabilities.”

This is the biggest known hack of cybersecurity tools since the National Security Agency (NSA) had its tools snatched in 2016 by an unidentified group calling itself the ShadowBrokers, but which many experts also suspect is Russian.

That group dumped the NSA’s tools online, allowing nation-state hackers to use what one former NSA operator called the “keys to the digital Kingdom” to conduct a range of highly destructive attacks against government agencies and businesses.

In this case, according to the NYT, FireEye said the unspecified hackers used “novel techniques” to steal its proprietary counter cyber hacker tool kit from its closely guarded digital vault. These tools could now aid the nation-state culprit in launching more attacks globally, without exposing its own covert toolkits.

While no one has specifically identified these hackers as Russian, it is fairly clear from the evidence that this is the case.

Once it identified that it had been breached, FireEye had to turn to the FBI. The FBI, in turn, handed the case to its Russia specialists. According to these sources, reports the NYT, the hackers were after what the company calls “Red Team tools.”

As the NYT explains:

These are essentially digital tools that replicate the most sophisticated hacking tools in the world. FireEye uses the tools — with the permission of a client company or government agency — to look for vulnerabilities in their systems.

On Tuesday, Matt Gorham, assistant director of the FBI Cyber Division, said, according to the NYT, “The F.B.I. is investigating the incident and preliminary indications show an actor with a high level of sophistication consistent with a nation-state.”

The NYT continues:

The hack raises the possibility that Russian intelligence agencies saw an advantage in mounting the attack while American attention — including FireEye’s — was focused on securing the presidential election system. At a moment that the nation’s public and private intelligence systems were seeking out breaches of voter registration systems or voting machines, it may have been a good time for those Russian agencies, which were involved in the 2016 election breaches, to turn their sights on other targets.

A FireEye hack by Russia could also be likely retaliation for the company’s investigators having repeatedly exposed units of Russian military intelligence, the G.R.U., as well as the foreign and domestic Russian intelligence services, the S.V.R. and the F.S.B., for their attacks worldwide.

“The Russians believe in revenge,” said James A. Lewis at the Center for Strategic and International Studies, notes the NYT. “Suddenly, FireEye’s customers are vulnerable.”


Paul Crespo

Paul Crespo is the Managing Editor of American Defense News. A defense and national security expert, he served as a Marine Corps officer and as a military attaché with the Defense Intelligence Agency (DIA) at US embassies worldwide. Paul holds degrees from Georgetown, London, and Cambridge Universities. He is also CEO of SPECTRE Global Risk, a security advisory firm, and President of the Center for American Defense Studies, a national security think tank.

11 Comments
Alan
4 months ago

Might it be that the internal security of this vaunted security firm was less than “secure”? Could it be? Say it isn’t so Joe, say it isn’t so.

Dan Winright
4 months ago

Democrats offered to drop trou first.
But then the Russians got an eyeful of kamaltoe.

Ernie
4 months ago

Yea it could not be the China Trader Joe would just give it them at the beginning of the year

Alan
4 months ago

Regarding the headline, and the seeming facts of the matter, might one ask the following: How The Hell Did This Happen?

Herbert G. Chapman
4 months ago
Reply to  Alan

Why ask a question they already know?

parthenon1@aol.com
4 months ago

Most likely had a lot of help from Democrat/Socialist party officials who would rather take $ from foreign powers than to work for the American people ! ! !

fabian
4 months ago

When I see; according to the New York Times…..

Herbert G. Chapman
4 months ago

I would say what goes around comes around. You reaped a whirlwind!

Floyd Hardee
4 months ago

Dumb will be dumb. Much of our security is poorly overseen because of politics. It will get much worse under Biden.

trackback

[…] the Pentagon itself. Not to mention one of America’s top cybersecurity firms, FireEye — as I wrote earlier — and even […]
