FireEye Got Hacked

Written by Jennifer Clark
Posted December 16, 2020

Last week, news broke that security software company FireEye (NASDAQ: FEYE) had been hacked. This could be seen as a slightly embarrassing incident for the company since its main mission is to secure others from threats and hackers — definitely not the best publicity. FireEye believes that the hacker was highly sophisticated and had targeted “government, consulting, technology, telecom, and extractive entities in North America, Europe, Asia, and the Middle East.”

Once FireEye learned of the hacking, the company’s investigators went full force trying to discover the attackers and how they were able to get past FireEye’s defenses. While investigating, the company found a vulnerability in a product that was made by one of its software providers, SolarWinds Corp (NYSE: SWI). Charles Carmakal, senior vice president and chief technical officer at Mandiant, FireEye’s incident response arm, said, “We looked through 50,000 lines of source code, which we were able to determine there was a backdoor within SolarWinds” 

SolarWinds' customer list includes every branch of the U.S. military and four-fifths of the Fortune 500. A security vulnerability within SolarWinds is a big problem for the U.S.’s top agencies and the world’s largest companies. SolarWinds told the U.S. Securities and Exchange Commission that it believed its monitoring products could be compromised. That compromise means that as many as 18,000 of its customers’ servers could be at risk.

Reuters reported that the U.S. Department of Homeland Security and the Treasury Department were also attacked. The Department of Commerce has confirmed that a breach occurred in one of its bureaus. The safety of these agencies is crucial to the national security of the U.S.

A filing to the SEC from SolarWinds said:

The company has been made aware of a cyber-attack that inserted a vulnerability within its Orion monitoring products which, if present and activated, could potentially allow an attacker to compromise the server on which the Orion products run. SolarWinds has been advised that this incident was likely the result of a highly sophisticated, targeted, and manual supply chain attack by an outside nation-state.

--------------------------------------Sponsored Link-----------------------------------------

New 5G Device Is Revealed to Public for First Time 

A groundbreaking new technology is expected to be in every household in America by early next year... 

This technology has the potential to make over 266 million smartphones obsolete, forcing nearly every American to switch over to this new "5G device."

Click here to learn more.

---------------------------------------------------------------------------------------------------

On the announcement of the attack, SolarWinds shares fell 17% then 6% in early trading the following day. This has been the biggest drop in the company's stock since it went public back in December 2018. According to the SolarWinds website, it has more than 300,000 customers. Outside of the U.S., it has contracts with the U.K. National Health Service, European Parliament, and NATO. The number of companies and organizations that were affected by this attack will likely increase as clients comb through their computer systems to see if there are any traces of a breach. 

Late Sunday night, the U.S. government called on all federal civilian agencies to power down SolarWinds Orion products as soon as possible. Brandon Wales, the Cybersecurity and Infrastructure Security Agency's (CISA) acting director, said:

The compromise of SolarWinds’ Orion Network Management Products poses unacceptable risks to the security of federal networks. Tonight’s directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners — in the public and private sectors — to assess their exposure to this compromise and to secure their networks against any exploitation. 

The scope of the attack could grow and become a bigger problem as more information about what was compromised comes to light. Cybersecurity Ventures predicts that cybercrime will cost the world about $6 trillion annually by 2021 — that’s up from $3 trillion in 2015. The need for increased cybersecurity has never been greater. As you can see, even cybersecurity firms can be compromised despite their efforts to protect other companies and organizations through their software. There’s no guarantee that things will be safe. Not to mention, you don’t know who is doing the hacking and what they are using that information for. 

Businesses and organizations need to get serious about cybersecurity and make sure they are picking the right software company to protect their vital information and lessen the likelihood of a threat. Hacking and cyber attacks aren't going to slow down anytime soon. This recent hack could be a mess to untangle, but it’ll hopefully bring together the smartest minds to prevent a future attack and make it harder for hackers to access information, especially from government agencies.

Until next time, 

Jennifer Clark
Pro Trader Today
Wireless Charging is Here!