Cybersecurity firm FireEye on Tuesday said its defenses were breach by sophisticated attackers who stole “Red Team” tools used to test customers’ computer systems.
While the hackers had yet to be identified, their tactics and targets led FireEye to believe it was a state-sponsored attack “by a nation with top-tier offensive capabilities.”
It did not appear any customer data was stolen from FireEye, or that the tools have been used in other attacks, according to the Silicon Valley-based firm.
“The attackers tailored their world-class capabilities specifically to target and attack FireEye,” FireEye chief executive Kevin Mandia said in a blog post revealing the breach.
“They used a novel combination of techniques not witnessed by us or our partners in the past.”
FireEye shares were down some 6.5 percent in after-market trades that followed released of news about the hack.
FireEye said it is investigating the attack with help from the FBI and industry partners including technology colossus Microsoft.
“Their initial analysis supports our conclusion that this was the work of a highly sophisticated state-sponsored attacker utilizing novel techniques,” Mandia said.
The hackers primarily sought information related to government customers which is consistent with nation-state cyberespionage, according to FireEye.
Also targeted in the attack were “Red Team” tools that help diagnose the security of customers’ networks by mimicking the behavior of hackers, Mandia said.
FireEye was making available countermeasures to defend against someone using the tools.
The US Department of Homeland Security said it was aware of the attack but that it had no information indicating the stolen cyber tools were being “maliciously used” so far.