- The attacker was after information on government customers, FireEye said.
- It's not clear when the attack happened.
Shares of computer security company FireEye fell as much as 8% in extended trading on Tuesday after the company disclosed details of a cyberattack that it believes was carried out by a state-sponsored actor.
"Consistent with a nation-state cyber-espionage effort, the attacker primarily sought information related to certain government customers," FireEye said in a regulatory filing. Specifically, FireEye said the attacker accessed so-called "Red Team" tools. In general, security consultants use this class of tool to simulate cyberattacks and discover weaknesses in their customers' systems.
The company said that the attack was unusually sophisticated: "The attackers...are highly trained in operational security and executed with discipline and focus. They operated clandestinely, using methods that counter security tools and forensic examination. They used a novel combination of techniques not witnessed by us or our partners in the past."
The company is looking into the incident alongside Microsoft and the FBI. The company said it wasn't sure if the attacker wants to use the tools it accessed, and has come up with ways for organizations to reduce the possible impact.
Organizations have brought FireEye in to assist them with attacks in the past. It worked with credit reporting company Equifax, which announced an attack in 2017.
This isn't the first time FireEye has been on the receiving end of a cyberattack. In 2017 the company said one of its analysts' social media accounts had been hacked, CNN reported.