When a Cybersecurity Firm Gets Hacked: Key Lessons

Posted: November 9, 2020 to News.

Tags: Data Breach, Penetration Testing, Digital Forensics

Well, isn't that ironic? It's not a good look... You peddle in protecting businesses from cyber attacks, only to fall victim to a successful cyber crime, yourself. But to be completely fair, this was a highly sophisticated and systematic attack (payback, perhaps?  That's pure speculation, by the way!) by what appears to be a concentrated effort by a foreign government.  This wasn't just some basement dweller in the middle of Timbuktu, and it just goes to show that anyone can fall prey to a cyberattack.  Just remember, even the most renowned cybersecurity firms are staffed with PEOPLE, and people are the biggest vulnerabilities of any business. The aforementioned ill-fated organization is none other than the trailblazing FireEye, a California-based firm with thousands of employees, that just happens to also be one of the largest across the globe.  After news of the breach reached the market last night around the close of business day, their stock fell right around 7% almost immediately. I've got to be honest right now; I'm empathizing really hard right about now.  While simultaneously cringing and drinking my warm morning beverage.  But I digress... The attack left the business with compromised software "Red Team" tools - tools that they use to test thousands of their clients' defenses - as well as some internal systems that were rifled with, leading the firm to conclude that the attackers were seeking information on their government clientele. On a positive note, it does not appear, as of yet, that any of that data, or the primary systems that house it, were successfully compromised.  It also appears that the stolen tools have not been used for any nefarious purposes - an assessment co-signed by the Department of Homeland Security in an independent report. The firm is also staying mum on which government they believe was responsible for the attack, but there is speculation swirling that it was (shock of all shocks) most likely Russia.  Russia, for their part, is also staying mum on the matter, but what is clear is that the attack was specifically targeting FireEye by using a sophisticated mix of tools and an unusually high attempt to cover their tracks, so as not to be identified.  The firm also has not yet released details on when and how the breach was actually committed; most likely because they themselves aren't sure yet. But what is certain is that this was definitely a high-level, professional hit job. FireEye has been in the news before, most notably for assisting Sony in the high-profile 2014 cyberattack perpetrated by North Korea, and is still working with the FBI and Microsoft in an ongoing investigation of the attack. So, you can rest assured that the FBI will be returning the favor and currently is, in fact, assisting FireEye with the investigation into their own attack. Are you uncertain as to whether your business could withstand a cyberattack?  If you don't know, then chances are pretty high that it couldn't... Fortunately, we are just a quick call or email away.  If you have questions, give us a call at 919-422-2607, or schedule a free consultation today. Stay safe out there and remember - hackers have NO shame.

Protect Your Business Today

Petronella Technology Group has provided cybersecurity, compliance, and managed IT services from Raleigh, NC for over 23 years. Contact us today for a free consultation and technology assessment.