Tuesday’s announcement of the hack on FireEye and the resulting theft of tools used to test FireEye’s customer’s defenses against cyber-attacks is extremely concerning. While these tools were designed to legitimately see if a customer’s network is vulnerable to attack they can equally be used by bad actors to attack any entities network whether they be an enterprise, municipality or individual. This has many similarities to the 2017 Shadow Broker leaks where cyber weapons developed by the US National Security Agency were stolen and subsequently shared publicly. These weapons exploited vulnerabilities in software like Microsoft Windows. Once shared publicly, the result was many successful and devastating attacks on businesses, municipalities and individuals all over the world.
This is a critical reminder that all networks, whether they be Enterprises, Municipalities or Individuals should include Network Threat Detection as part of their cyber security posture. A reputable network threat detection solution like Cyber adAPT NTD, can be quickly updated to include the ability to identify new threats. Case in point is Tuesday’s hack on FireEye. As an example, within 24 hours of the hack our Cyber adAPT threat research team had incorporated the first phase of countermeasures against this FireEye hack in our threat intelligence database. Now all our NTD solutions in the field have incorporated this threat knowledge through their automatic threat intelligence updating capability. This is a perfect and timely example of why network threat detection is so important and why Cyber adAPT NTD is a solution that should seriously be considered.