Cyberattacks have been carried out by nations for decades, but for whatever reason, our minds still build the hoodie-wearing cyberpunk sitting at a laptop in a dimly-lit room. This often isn’t the case. Today, we thought we would shine a light on state-sponsored hacking, starting with the attack carried out recently against the U.S.-based cybersecurity company FireEye.
FireEye’s Hacked Tools
Before the calendar turned to 2021, FireEye was hacked with one of their very own hacking toolkits. These kits are used to simulate cyberattacks on organizations to help assess the effectiveness of their cybersecurity defenses. Apparently, one was stolen and gave hackers a schematic of how to attack FireEye. In using innovative new techniques outlined in the hacking toolkit, hackers were able to bypass many of the company’s advanced protections. This suggested that the attack was perpetrated by a professionally equipped and extremely well-funded team with the support of some government agencies.
This attack was sophisticated, with use of thousands of unique and brand new IP addresses created to mask the location of the infiltrators.
Surprise, surprise, it wasn’t just a team of rag-tag cyberpunk hackers, it is thought that Russia’s intelligence agencies are responsible for the theft and subsequent break in. The Federal Bureau of Investigation has confirmed that it was, in fact, a nation-state that carried out this attack. Unfortunately, beyond that there has been no official confirmation of whether it was indeed Russia that was behind it.
With Russia sponsoring the hacks that muddled the 2016 U.S. Presidential elections, it is thought they are one of the few organizations in the world sophisticated and well-funded enough to carry out the attack against FireEye.
All-in-all it isn’t overly surprising that nation-sponsored hackers are at the bottom of such a major and brazen attack. Many nations contract contractors to conduct surveillance and counter-surveillance using online tools, and this would be just another example of a nation using the resources at their disposal to carry out--and ultimately, conceal--their role in these illegal attacks against a rival nation’s infrastructure. The theft also allows them to hide their own toolkits, as using stolen hackers tools to infiltrate systems hides their culpability.
FireEye serves a huge number of clients and with that toolkit in their possession, hackers can continue to carry out attacks against those organizations.
Businesses, Even Small Businesses, Aren’t Immune to These Attacks
While state-sponsored hacking often targets private businesses like FireEye, doing this so brazenly is a new trend that popped up as the Coronavirus pandemic started. In a recent survey, nearly 80 percent of respondents claim that the likelihood of such an attack has risen due to the fact that more people are working remotely. They also suggest that the frequency will continue to rise substantially.
So, while many organizational leaders feel that their cybersecurity is good enough to deal with the threats they typically face, they aren’t considering that there are nations out there sponsoring hacking collectives to hack into and steal information from businesses.
Let Us Help You Protect Your Business
For your organization to be prepared for the worst, you need to have the tools and procedures in place to face them. At ClearView IT, we have the knowledge and experience to help your business institute a cybersecurity platform that will work to keep your business as safe as it can be. It includes software tools, procedure suggestions, and best support practices to control your own cybersecurity destiny. Give us a call today at 866-326-7214 to learn more.
