You know when Russian hackers are in the news, it’s not good. Well, it’s happened again, this time to one of the biggest cybersecurity firms in the U.S. Seriously, you can’t make this kind of stuff up.
FireEye, the major cybersecurity company, announced in a blog post by CEO Kevin Mandia that foreign government hackers with “world-class capabilities” broke into its network and stole “Red Team tools” it uses to test the cyberdefenses of its customers.
Egg on face, including the (Fire)Eye
The heist hit the very firm whose job it is to prevent and investigate such attacks – FireEye investigated the Equifax hack and the Democratic National Committee hack recently.
FireEye “Red Team Tools”
These tools include malware (basically viruses) and exploits (code that takes advantage of a bug or vulnerability in a system). FireEye isn’t sure if the hackers are going to use the Red Team tools or make them public.
So, they open-sourced the countermeasures on GitHub. Wait, what?! FireEye released countermeasures to the tools publicly in a GitHub repository. Releasing those countermeasures is itself the company’s response to the hack, which is fascinating. They basically released a “patch” with these countermeasures, but as a NATO official put it, “software can be patched, but knowledge cannot.” The Russian hackers got insight into the security tools, and you can’t “unsee” that with a patch.
The market didn’t take well to the irony. FireEye stock plummeted 13% on Wednesday, wiping $450 million off the cybersecurity group’s market capitalization.