When Defenders Go Down: FireEye Data Breach Raises Cybersecurity Concerns For All

What happens when defenders go down. One of the leading cybersecurity firms which has clients across the globe and their job was to keep them safe from cyber predators have become victim to one of the most sophisticated cyber-attack. The firewall of the company not only got hacked, but its security tool was also stolen.

The attack on FireEye has set alarm bells ringing in the security industry and has raised a question whether anyone is safe online. The420.in spoke to the country’s leading cybersecurity experts to know their view on latest infiltration which is alleged to be backed by the state.

Burgess Cooper, Partner-Cybersecurity, EY India

Highlighting a perspective shared by different professionals, Burgess Cooper, Partner-Cybersecurity, EY India said, “Speaking generally – No firm is really secure and given that the arsenals of cyber have been stolen there is a heightened need to stay even more alert and cautious.”

The incident has come as a wake-up call for the multi-crore cybersecurity industry. Cybersecurity is the need of the hour and need has grown much more especially during lockdown when people across the world were working from home.

“This attack sends out a strong message to the cybersecurity companies, that while you defend your clients, secure yourself first. Put your reputation before profits. This incident clearly indicates that no one is immune from such advanced and sophisticated cyberattacks,” said Ritesh Bhatia Cybercrime Investigator and Founder, V4WEB Cybersecurity.

Highlighting the need to stay prepared for more state-sponsored cyber attack Delhi based cyber expert Tarun Vig said, “These attacks are well coordinated and well funded and can cause huge damage to the national and economic security of the nation. As a nation, we need to be prepared to fight attacks originating from Pakistan in terms of social media propaganda as well as attacks originating from China to either steal information via applications like Tiktok or by directly hacking into our network by installing backdoors in IT infrastructure provided to us.

Tarun Vig, co-founder of Innefu Labs said state-sponsored hacking attacks have become a norm with nation-states trying to outrun each other to develop capabilities to hack into the cyberspace of hostile nations. The hacking attacks are carried out either to steal intelligence or high-value IP.

FireEye also announced that hackers broke into its network and stole tools the company’s experts developed to simulate real attackers and test the security of its customers.

Yadhu Krishna, Founder, CEO – Tracelay

“The biggest lesson from the FireEye breach is that anyone can be hacked. Cybersecurity firms internally should apply Zero-Trust security,” said Yadhu Krishna, Founder, CEO – Tracelay.

Krishna said that this isn’t the first nation-state attack against a cybersecurity vendor. It is the first time in many years that powerful hacking tools have landed in the hands of adversaries.

“The goal of modern security programs is to minimize and manage risk, not completely eliminate it, and it’s common to hear security experts say that it’s a question of when, not if, you get hacked,” Krishna said.

Ritesh Bhatia Cybercrime Investigator and Founder, V4WEB Cybersecurity

Cybercrime investigator Ritesh Bhatia also said this is a very concerning case because hackers now have access to advanced tools that could enable several attacks at a mass scale. There are no two doubts that this attack is extremely sophisticated something that even FireEye didn’t imagine.

Explaining the impact of the attack on FireEye, Krishna said penetration testing tools, in the hands of the good guys, help test security to make it better. But in the hands of anyone with malicious intent, the same tools can also penetrate networks and facilitate data exfiltration.

Mumbai based cyber expert Smith Gonsalves said the attack on FireEye is a clear example of evolving capabilities possed by nation-states being utilised to arbitrate and escalate in hostile conditions for the transfer and stealing of valuable assets owned by enterprises and institutions.

“All this indicates that cyber domain is no longer a capability but a battlespace which is often utilised in the time of an unconventional battlefront to offensively attack enterprises,” said Smith Gonsalves Director & Principal Consultant CyberSmithSECURE Pvt. Ltd.