Light Dark
December 11, 2020 By Limor Kessem
Nick Rossmann
2 min read
Incident Response
News
Threat Intelligence

This year has been a challenging one for organizations that faced data breaches, intrusions and ransomware attacks at the hands of cyber criminals and nation-state attackers. Cybersecurity firm FireEye announced on Dec. 8, 2020, that an adversary targeted and gained unauthorized access to its Red Team tools — an important call to every company to remain vigilant and be prepared for a potential incident.

FireEye reported that the attack affected its networks and released information to the industry and authorities. As part of its rapid response, the company has released countermeasures (posted to GitHub) that can help detect or block the use of their stolen Red Team tools.

This incident underscores that any organization can be targeted and attacked by a persistent and sophisticated adversary. In this case, FireEye notes the tactics used against it are “consistent with a nation-state cyber-espionage effort.”

Among the many incidents that plagued companies this past year, this serves as a reminder of the necessity of methodical preparation for when an incident may occur, including:

  • Have an incident response plan and an internal team in charge of incident identification and escalation.
  • Develop incident response plans according to risks and threats that apply to your organization, practice the plans and ensure key leaders know their roles.
  • Prepare and rehearse your cyber crisis management plan. If your executives, communications, legal, finance and marketing teams are meeting for the first time on how they would respond to an incident in the hours after one occurs, it is too late.
  • As needed, have an incident response firm on retainer and know when to call for help and who makes that decision as quickly as possible.

IBM Security’s X-Force team will provide additional materials about the incident on X-Force Exchange. Please visit often or subscribe to receive email notifications to stay up to date. Please revisit this blog for additional updates as relevant.

If your organization requires immediate assistance with incident response, please contact IBM Security X-Force’s US hotline 1-888-241-9812 or Global hotline (+001) 312-212-8034. Learn more about X-Force’s threat intelligence and incident response services.

 |  |  | 
Limor Kessem
Principal Consultant, X-Force Cyber Crisis Management, IBM
Nick Rossmann
Global Lead, X-Force Threat Intelligence, IBM Security

More from Incident Response
April 9, 2024

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

March 6, 2024

Why federal agencies need a mission-centered cyber response

4 min read - Cybersecurity continues to be a top focus for government agencies with new cybersecurity requirements. Threats in recent years have crossed from the digital world to the physical and even involved critical infrastructure, such as the cyberattack on SolarWinds and the Colonial Pipeline ransomware attack. According to the IBM Cost of a Data Breach 2023 Report, a breach in the public sector, which includes government agencies, is up to $2.6 million from $2.07 million in 2022. Government agencies need to move…

February 21, 2024

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature