In a blog post Tuesday, cybersecurity firm FireEye Inc. (NASDAQ: FEYE) revealed that it had been the target of a “sophisticated state-sponsored” attack that resulted in the theft of tools used by the company’s Red Team, a group organized and authorized to mimic attacks against an enterprise’s security precautions.
The company said that it is releasing “hundreds of countermeasures” that allow other firms to protect themselves against an attack by the Red Team’s stolen tools. FireEye noted that the stolen tools did not contain what are known as zero-day exploits. These are attacks that occur on the same day a company discovers a flaw in its software. A zero-day exploit can be used to attack a company’s security program before a patch for the flaw can be created and distributed.
In a filing with the U.S. Securities and Exchange Commission, FireEye said that it had seen no evidence that the attacker stole customer data.
While the theft of software from a company that sells security software certainly increases reputational risk, the greater danger is that the thief may use the stolen software to attack enterprises. Because FireEye believes the attacker was “a nation-state cyber-espionage effort” and “sought information related to certain government customers,” the threats to governmental security systems are a worst-case scenario.
At present, according to FireEye, the company has no evidence that the stolen tools have been disseminated or used in a cyberattack.
Shortly after Wednesday’s open, FireEye stock traded down more than 10% to $13.88, in a 52-week range of $7.54 to $18.34. The consensus price target on the stock is $17.25.
Since coming public in September of 2013, FireEye shares have traded down by about 57% and have not traded above their IPO price since July of 2015. The First Trust NASDAQ Cybersecurity ETF (NASDAQ: CIBR), which began trading publicly in July 2015, has added 110% in the same period.