FireEye, a top U.S. cybersecurity company, says it was hacked

FireEye, a major U.S. cybersecurity company with extensive government contracts, has been hacked by a foreign country, it said.In a company blog post, CEO Kevin Mandia called it “an attack by a nation with top-tier offensive capabilities.” In a rare emailed statement, Matt Gorham, assistant director of the FBI’s Cyber Division, said that the agency “is investigating the incident and preliminary indications show an actor with a high level of sophistication consistent with a nation-state.”

FireEye works with a number of U.S. federal agencies and states, including the FBI and the National Security Agency. The hackers’ primary goal appeared to be stealing information on FireEye’s government clients, Mandia said. He did not attribute the attack to a particular country, a somewhat surprising decision considering his company pioneered the now relatively common practice of attributing hacks to elite hacker groups and naming the country employing them.

It was unclear exactly how much customer information was accessed, though Mandia said they were able to get an ancillary prize: the tools used by the company’s Red Team, the section tasked with creating ways to hack into their clients in order to anticipate how to defend against new attacks. As a result, Mandia said, the company has made countermeasures against those tools publicly available.

Rep. Adam Schiff, D-Calif., the chairman of the House Permanent Select Committee on Intelligence, said in a statement that he has asked “relevant intelligence agencies to brief the Committee in the coming days about this attack any vulnerabilities that may arise from it, and actions to mitigate the impacts.” “Foreign actors have not stopped attacking our country and its critical and cybersecurity infrastructure since 2016,” Schiff said. “In fact, they’ve continued, grown more sophisticated and only have to succeed once, while the U.S. government and companies alike have to pitch a perfect game. This news about FireEye is especially concerning because reportedly a nation-state actor made off with advanced tools that could help them mount future attacks.”