FireEye Incident

Q1 2021 Quarterly Briefing
HALOCK Reasonable Security Cyber Breaches FireEye

FireEye Incident

WHAT HAPPENED?

A Russian government agency, SVR (Foreign Intelligence Service), hacked into FireEye and accessed hundreds of FireEye’s pen testing tools. SVR now has insight into how FireEye evaluates weaknesses in their customers’ systems.

FireEye’s service is to deploy suspicious files into a safe environment to see if they are dangerous, so they were able to update their customer’s systems to detect attacks from their stolen tool set.

This attack appears to be part of the same campaign as SolarWinds.

WHAT DOES THAT MEAN TO YOU?

The tech supply chain is compromised by well-funded state actors.

If you are a FireEye customer, you are likely already protected against attacks by their tools. Continue to follow their guidance for protecting your systems.

You must include high-tech supply-chain (cloud) providers in your third- party risk management program.

ADDITIONAL INFORMATION

Read Full Article