Mandia said the attackers tried to access information “related to certain government customers,” but that the company has no evidence yet that customer information has been stolen.
None of the stolen cybersecurity tools contained so-called zero-day exploits, Mandia said. Zero-day vulnerabilities are software vulnerabilities that have never been publicly identified or patched, and can be extremely dangerous if weaponized by malicious actors.
The Cybersecurity and Infrastructure Security Agency, an arm of the Department of Homeland Security, said in a statement that it has been working with FireEye to determine the scope of the attack.
“As details are made available we are working to share and implement countermeasures across the federal networks and with our private sector partners,” a CISA spokesperson said.
FireEye is among the world’s preeminent cybersecurity firms, selling services designed to prevent, detect and respond to network security attacks. It also conducts extensive research on some of the most sophisticated hacking groups, known in the industry as advanced persistent threats.
Mike Chapple, a cybersecurity expert at the University of Notre Dame and a former National Security Agency official, called the FireEye breach “an extraordinarily significant attack.”
“As one of the world’s go-to cybersecurity firms, FireEye has a ringside seat for some of the most sophisticated breaches carried out worldwide,” Chapple said. “The impact of this breach remains to be seen and depends upon the motivation of the attackers. We might see them go public in an attempt to monetize their work by selling exploits. On the other hand, they might remain in the shadows, stealthily using their new tools to compromise high-value systems.”
Shares of FireEye fell more than 7% in after-hours trading Tuesday following the disclosure.