Within the span of just 4 days, it has been revealed that state-backed hackers breached FireEye, a top cybersecurity firm with US government clientele, as well as Commerce and Treasury Department email servers. Though the attack on FireEye was contained before any highly sensitive data was compromised, foreign surveillance of internal government emails may have gone on for months. 2020 has seen a massive rise in cyberattacks, coinciding with many more employees working at home and relying on cloud computing. Earnings figures reported earlier this month by cybersecurity firms CrowdStrike and Zscaler show an ongoing explosion in revenue and subscriptions.
Related Stocks & ETF: First Trust NASDAQ Cybersecurity ETF (CIBR), FireEye, Inc. (FEYE), CrowdStrike Holdings, Inc. (CRWD), Zscaler, Inc. (ZS)
Just days after FireEye, Inc., a major cybersecurity firm with federal, state and local government clientele, had some of its materials stolen by a state-backed hacking operation, the US Treasury and Commerce Departments revealed that they’d also been hit – perhaps by the same hackers.
In the case of the FireEye hack, CNET reports that attackers stole FireEye’s “Red Team” tools, a collection of malware and exploits used to test customers’ vulnerabilities. While it is certainly a concerning prospect that even top cybersecurity experts can have vulnerabilities exploited, the scale of the attack was limited and relatively contained. For example, none of the tools was a zero-day exploit (an exploit for a vulnerability that doesn’t yet have a fix), and no customer data was compromised.
WIRED Magazine notes that FireEye has both global prominence and a history of engaging with Russian actors, suggesting that the attack was retaliatory and more of a “statement” than a catastrophe. The stolen tools likely won’t give Russia much it doesn’t already have for its own hacking campaigns, says Jake Williams, a former NSA hacker and founder of the security firm Rendition Infosec. The worst the hackers may do is leak the stolen goods publicly, making life that much harder on cybersecurity pros.
On Sunday, Reuters reported that several internal US government email servers had been breached as well. Hackers first broke into the National Telecommunications and Information Administration’s (NTIA) office software, Microsoft’s Office 365. Staff emails at the agency were monitored by the hackers for months, sources said. Microsoft and the White House later confirmed the breach.
Per the Associated Press, the apparent conduit for the Treasury and Commerce Department hacks and, maybe, FireEye as well, is a popular piece of server software called SolarWinds. It is used by hundreds of thousands of organizations globally, including most Fortune 500 companies and multiple US government agencies, said Dmitri Alperovitch, the former chief technical officer of the cybersecurity firm CrowdStrike.
Cyberattacks have surged in 2020, according to CrowdStrike. A recent study by the company showed more cyberattacks within their network over the first six months of this year than in all of 2019. The cybersecurity firm detected around 41,000 potential attacks just between Jan. 1 and June 30 this year compared with 35,000 for all of last year.
Though FireEye’s stock price tanked in the initial aftermath of the hacking news, it did not lead to a sector-wide rout. In fact, the First Trust NASDAQ Cybersecurity ETF (CIBR) ended the week higher than it had been prior to the FireEye incident. Internet browsers and investors alike are now picking up on how critical protection will be against a new and aggressive wave of cyberattacks.
MRP has been sounding the alarm on the rising need for cybersecurity in the COVID-era as far back as April. As we wrote at the time, cybercriminals have capitalized on anxiety about the virus to spread infections of their own…