Cybersecurity firm FireEye hacked. The prime suspect is Russia.

Leading U.S. cybersecurity company FireEye said on December 8, 2020 that “world-class capacity” international government hackers breached through its network and seized offensive tools it uses to monitor the defenses of its thousands of clients, including federal, state, and local governments and major global companies. 

In a statement, FireEye CEO Kevin Mandia said without naming them, the hackers “primarily sought information related to certain government clients.” He said there was no sign that they had client data from the consulting or breach-response businesses of the company or threat-intelligence data it gathers.

FireEye is a big cybersecurity player. It responded to the Sony and Equifax data breaches and helped Saudi Arabia foil a cyberattack on the oil sector. The company also played a key role in identifying Russia as the protagonist of multiple attacks in the developing underworld of global digital conflict.

Although a FireEye spokesperson hasn’t confirmed who might be responsible for the hack, many within the cybersecurity community suspect Russia.

In the wrong hands, the stolen “Red Team” instruments, which amount to real-world ransomware, could be disastrous. FireEye has said that there is no indication that they were maliciously exploited. But specialists in cybersecurity believe advanced nation-state hackers could alter and use them against a government or business goals in the future.

In its statement, Milpitas, California-based FireEye, which is publicly traded, said it had built 300 preventive measures to safeguard clients and others from the hackers and was making them accessible immediately.

FireEye stated that it is investigating the attack in cooperation with the FBI and collaborators, including Microsoft®, which has its own cybersecurity unit. “The hackers used a novel combination of techniques not seen in the past by us or our partners,” Mandia said.

Established in 2004, FireEye went public in 2013 and, months later, acquired Mandiant Corp., a corporation headquartered in Virginia that linked years of cyberattacks on U.S. corporations to a secret Chinese military unit. Last year it had around 3,400 jobs and $889.2 million in sales, albeit with a net loss of $257.4 million.

In after-hours trading, FireEye’s shares plummeted more than 7 percent following news of the hack on December 8.