Last week, two major cybersecurity firms confirmed attacks on their systems. FireEye, one of the top firms in the cybersecurity space, revealed that its systems were compromised by what it called “a nation with top-tier offensive capabilities.” Days later, another firm specializing in cybersecurity, SolarWinds, was compromised when hackers inserted malicious code into an updated version of its software.
Here is what you need to know about both attacks.
FireEye specializes in protecting against malicious cyber-attacks by providing highly sophisticated hardware, software, and services to investigate cybersecurity attacks. In the attack last week, hackers were able to access FireEye’s Red Team tool kit, which the organization uses to test their own customers’ security vulnerabilities. These tools could be used for mounting new attacks on FireEye customers around the globe. The organization has 9,600 customers across 103 countries including more than 50% of the Forbes Global 2000.
When asked about the attack, Kevin Mandia, FireEye CEO, said “based on my 25 years in cybersecurity and responding to incidents, I’ve concluded we are witnessing an attack by a nation with top-tier offensive capabilities.” He also added that the hack was “different from the tens of thousands of incidents we have responded to throughout the years,” and that the hackers “used a novel combination of techniques not witnessed by us or our partners in the past.”
Currently, FireEye is working with the FBI and other partners to conduct an investigation into the hack. The impact of the breach and how many customers are affected is still unknown.
In the SolarWinds attack, hackers inserted malicious code into an updated version of their software called Orion. Around 18,000 customers installed the update onto their systems. Instead of hackers having to trick customers into installing malicious software with a phishing campaign, they hacked the software company directly and infected thousands.
Many are speculating that the hack was engineered by the Russian government, as thousands of government agencies around the world reportedly use the Orion software. It is unclear if any information has been stolen, but the amount of access to SolarWinds’s customers’ systems is vast.
We will continue to keep you updated on both attacks as more information is released.