FireEye confirmed that it was recently attacked by a highly sophisticated cyber threat actor in what it believes was as a state-sponsored attack.
Kevin Mandia, FireEye's Chief Executive Officer,said the attackers tailored their world-class capabilities specifically to target certain Red Team assessment tools that the company uses to test its customers’ security. These tools mimic the behavior of many cyber threat actors and enable FireEye to provide essential diagnostic security services to our customers. None of the tools contain zero-day exploits.
FireEye will now need to release the methods and means to detect the use of the stolen Red Team tools. This includes more than 300 countermeasures to minimize the potential impact of the theft of these tools.
FireEye also said that, consistent with a nation-state cyber-espionage effort, the attacker primarily sought information related to certain government customers.