Cybersecurity firm F5 sinks 10% after disclosing nation-state hack
Pavlo Gonçar | SOPA Pictures | Light Rocket | Getty Images
US cybersecurity company F5 It closed 10% on Thursday after announcing a systems breach in which a “highly advanced nation-state threat actor” gained long-term access to some systems.
The stock had its worst day since April 27, 2022, when it fell 12.8%.
The company explained the violation in a statement Securities and Exchange Commission It filed on Wednesday and said the attack impacted the BIG-IP product development environment. F5 said the attacker had infiltrated some source code and files containing information about “undisclosed vulnerabilities” in BIG-IP.
The breach was later claimed to have been carried out by state-sponsored hackers in China. Bloomberg It was reported by quoting people familiar with the subject.
F5, which learned of the attack in August, said it had seen no evidence of any new unauthorized activity.
“We have no knowledge of any undisclosed critical or remote code vulnerabilities, and we are not aware of any active exploitation of any undisclosed F5 vulnerabilities,” F5 said. expression.
According to Bloomberg, the cybersecurity giant told customers that hackers had been on the network for at least 12 months and that the breach used malware called Brickstorm.
F5 does not confirm the information.
Brickstorm is attributed to a threat suspected to be linked to China. UNC5221The Google Threat Intelligence Group said in a blog post. The malware is used to maintain “long-term covert access” and can remain undetected on victim systems for an average of 393 days. Mandiant.
The attack caused a stir emergency directive All organizations using F5 software or products were told to apply the latest update from the Cybersecurity and Infrastructure Security Agency on Wednesday.
“The alarming ease with which these vulnerabilities can be exploited by malicious actors requires immediate and decisive action by all federal agencies,” said CISA Acting Director Madhu Gottumukkala. he said. “The same risks apply to any organization using this technology, potentially leading to catastrophic compromise of critical information systems.”
The UK’s National Cyber Security Center is also published guide For the F5 attack, we recommend customers install security updates and continue monitoring for threats.
