The cybersecurity firm FireEye has always been the front line for government agencies and top-tier companies around the world who believe they have been hacked or fear they might be. It was announced that the company's own network was breached by a sophisticated group of hackers, who stole tools that the company itself uses to test the security of its customers.

FireEye CEO Kevin Mandia says it was an attack by a state-sponsored attacker whose discipline, operational security, and techniques are highly sophisticated. The attack is reported to be from the hacking arm of Russia's SVR foreign intelligence service.

The company says that there is no evidence that any customer information related to the incident was stolen; instead, the attackers stole some of the company's internal Red Team tools. These tools run real attack simulations so that the defenders (the blue team) can assess and respond to the impact of potential breaches. In other words, these tools mimic the behavior of many cyber threat actors and enable the company to provide essential diagnostic security services. The stolen tools range from simple scripts for network reconnaissance to more advanced frameworks for attacks.

The federal agencies targeted in the attack have a storehouse of personal information about Americans. This breach left the updating system for many key security systems open to exploitation, meaning it is possible the attackers could have attained root access to many agencies' systems. The data at risk includes personnel data (including data on foreign agents), planning, operations, etc.

There is a big lesson that everyone, including small businesses around the country, can take from the FireEye breach: anyone can be hacked. It is worth remembering that there is no such thing as an impenetrable defense when dealing with complex environments. Attackers have the ability to attack any network, small or big.

The goal of modern security programs is to minimize and manage risk, not eliminate it. The important thing is to be prepared to handle such incidents as efficiently as possible and with a reasonably low impact on your organization.