Cyber Security Bulletin: FireEye Cyber Security Breach

This Cyber Security alert is intended for organizations that utilize this technology as part of their cyber security protection program.

On December 8, 2020, cyber security firm FireEye disclosed that it was recently a victim of a targeted security breach by a threat actor.

The threat actors were successful at infiltrating the internal network and acquire red team security assessment tools. FireEye is currently investigating and initial findings show no evidence of customer data exfiltration and at this time cannot state confidently whether these tools will be used or publicly disclosed by the threat actors..

These FireEye tools are used by customers to simulate real-world cyber attacks and test themselves in a near-real type of environment. Users of these technologies should review FireEye released methods of detecting the use of those red team tools in the event the threat actors use them for attack purposes.

Further actions for Consideration:

Review the CSE Top 10 Security Actions (https://cyber.gc.ca/en/top-10-it-security-actions)
Review the signatures shared by FireEye and consider them for inclusion within security appliances. Organizations are encouraged to contact vendors if tailored signatures are required for specific products.
Consider measures to limit the amount of sensitive information that malicious actors can collect about their networks by performing security assessments on network systems for un-necessary or inadequately secured or patched services.
Assess networks for the presence of vulnerable software, particularly where it is installed on devices exposed to the internet, and update as soon as possible to the latest version.
Implement two-factor authentication (2FA) on all internet-facing remote access services, starting with perimeter security devices such as firewalls and remote access gateways for teleworkers and administrators.

Please reach out to us with your concerns or for more information on how to protect yourself and your business.

December 10, 2020

0 replies

Want to join the discussion?
Feel free to contribute!

Who We Are

SRG Security Resource Group Inc. is a Canadian company dedicated to providing world-class Protective Security Guard and Patrol and Cyber Security services. Founded in the spring of 1996, SRG provides solutions and services for people and organizations across Canada.

SRG Security Resource Group Inc. is a wholly owned subsidiary of SSC Security Services Corp. (TSXV: SECU) (OTCQX: SECUF).

Testimonials

Information Technology Office

“SRG provides subject matter expertise to the Government of Saskatchewan in a timely, proficient manner. I have enjoyed working with the SRG team and appreciate the adaptability and professionalism they exhibit when dealing with our challenging environment.”

– Crystal Zorn
Director, Information Security Branch

The Manitoba Museum

“SRG has been a reliable and preferred supplier of security services to The Manitoba Museum for a number of years.”

– David Thompson
Director of Finance and Operations

The Alberta Teachers’ Association

“The IT security improvement journey for any organization can be a large and continuous undertaking. The Alberta Teachers’ Association (ATA) chose to partner with SRG many years ago to assist us on that journey. SRG continues to add value to the ATA by providing top quality service and resources in an annual security plan. Over the years, SRG has helped us to gain support and commitment from the various stakeholders in the Association and we continue to look forward to a long relationship with SRG.”

– Dr. Terry Bruchal
Director of Information Technology

Get In Touch

Phone
306-522-0135
Email
admin@securityresourcegroup.com
Address
300-1914 Hamilton Street
Regina, SK S4P 3N6

Cyber Security Bulletin: FireEye Cyber Security Breach

Leave a Reply

Leave a Reply Cancel reply

Who We Are

Testimonials

Information Technology Office

The Manitoba Museum

The Alberta Teachers’ Association

Get In Touch

Phone

Email

Address