Last updated 23/07/2021
FireEye, a $3.5 billion cybersecurity goliath, has unveiled that it was as of late focused on a gigantic, particular, and exceptionally refined cyber attack. The attack is said to have been explicitly customized to break FireEye's own protections and included exceptionally refined strategies that FireEye claims had so far not been seen before in the standard multitude of digital assaults that happen each day. Given that FireEye is one of the world's greatest network protection firms, that deduction is cause for concern.
Compounding on the threat, FireEye CEO Kevin Mandia further expresses that in the wake of examining the hack's crime scene investigation, the organization has inferred that this action was upheld by a country state-supported programmers, who were quite certain, exceptionally progressed and reason has driven in their attack. “The attackers tailored their world-class capabilities specifically to target and attack FireEye. They are highly trained in operational security and executed with discipline and focus. They operated clandestinely, using methods that counter security tools and forensic examination. They used a novel combination of techniques not witnessed by us or our partners in the past,” Mandia adds.
The hack focused on the FireEye Red Team hacking instruments, which are ordinarily utilized related to a nectar pot to evaluate advancing and zero-day security dangers. Such instruments are regularly intended to douse test undertaking security, and given FireEye's broad demographic, raised reason for huge concern. On this note, Mandia adds, “we are proactively releasing methods and means to detect the use of our stolen Red Team tools.
“We are not sure if the attacker intends to use our Red Team tools or to publicly disclose them. Nevertheless, out of an abundance of caution, we have developed more than 300 countermeasures for our customers, and the community at large, to use in order to minimize the potential impact of the theft of these tools. We have seen no evidence to date that any attacker has used the stolen Red Team tools. We, as well as others in the security community, will continue to monitor for any such activity,” he sums up.
Like various occasions previously, this specific hack once more underlines the seriousness that organized digital assault crusades contain. Such state-sponsored hacker crusades are ordinarily not adjusted for monetary benefits. Much of the time, such missions fill in as moderate burners, where country sponsored aggressors to invade delicate foundation frameworks to pull out confidential data, or even from a pessimistic standpoint, deal with a basic framework. In others, for example, this, crusades are aimed at attracting gains the type of cutting edge digital fighting instruments. The FireEye security apparatuses, for example, would have been basic in ensuring enormous, worldwide partnerships from steady malware dangers, distant assaults, and other countless types of cyber threats.
While Mandia keeps up that no immediate effect of the attack has been noticed promptly, the advancing idea of cyber warfare is a disturbing feeling, to be sure. Given the consistent blast of zero-day exploits and obscure digital observation and invasion devices that are created by countries just as the hidden world, hacks, for example, the most recent FireEye episode can become essential focuses for the worldwide security network to take in and advance from.
NovelVista Learning Solutions is a professionally managed training organization with specialization in certification courses. The core management team consists of highly qualified professionals with vast industry experience. NovelVista is an Accredited Training Organization (ATO) to conduct all levels of ITIL Courses. We also conduct training on DevOps, AWS Solution Architect associate, Prince2, MSP, CSM, Cloud Computing, Apache Hadoop, Six Sigma, ISO 20000/27000 & Agile Methodologies.
* Your personal details are for internal use only and will remain confidential.
|AWS Solution Architect Associates|
|SIAM Professional Training & Certification|
|ITIL® 4 Foundation Certification|
|DevOps Foundation By DOI|
|Certified DevOps Developer|
|PRINCE2® Foundation & Practitioner|
|ITIL® 4 Managing Professional Bridge Course|
|Certified DevOps Engineer|
|DevOps Practitioner + Agile Scrum Master|
|ISO Lead Auditor Combo Certification|
|Microsoft Azure Administrator AZ-104|
|Digital Transformation Officer|
|Certified Full Stack Data Scientist|
|Microsoft Azure DevOps Engineer|