
An investigation into the hacking of a cyber-security company appears to have revealed a global intrusion campaign affecting US government networks, among other targets. FireEye, one of the world's largest cyber-security companies, announced on 8 December that it had been the victim of an intrusion by a "nation with top-tier offensive capabilities". On the company's blog, Chief Executive Officer Kevin Mandia stated that the attackers had "used a novel combination of techniques not witnessed by us or our partners in the past".

The FireEye corporate logo is shown on a smartphone on 7 July 2020. FireEye was the subject of a sophisticated cyber intrusion that subsequently revealed operations against US government entities, among others. (Rafael Henrique/SOPA Images/LightRocket via Getty Images)
On 13 December, FireEye released an update, stating that it was tracking a broader campaign that had begun in early 2020. According to FireEye, the actor behind the attack had the ability to insert malicious code into legitimate updates for a widely used network management platform called Orion. Supply-chain attacks of this kind pose a severe threat because they exploit a trusted relationship. FireEye stated that the attacks themselves were not automated, but instead required "meticulous planning and manual interaction".
SolarWinds, the company that produces Orion, released an advisory noting that its software had been the target of a "highly sophisticated, manual supply chain attack". SolarWinds CEO Kevin Thompson stated that the company was "acting in close coordination with FireEye" and the US intelligence community to investigate. The United States' Department of Homeland Security issued an advisory about the compromise of the Orion code, recommending "[d]isconnecting affected devices".