Cybersecurity firm F5 Networks revealed that government-backed hackers maintained “long-term, persistent access” to its network, stealing source code and customer information.
In a filing with the U.S. Securities and Exchange Commission on Wednesday, F5 said it now “believes its containment actions have been successful,” after first discovering the breach on August 9.
Seattle-based F5, which provides application security and cybersecurity solutions for major companies and governments, said hackers accessed its BIG-IP product development environment and knowledge management systems. These systems included source code and undisclosed security vulnerabilities.
The company stated it is not aware of any modifications to its software or exploitation of the stolen vulnerabilities. On Wednesday, F5 released several updates for its BIG-IP platform to patch the undisclosed security flaws and urged customers to apply them immediately.
Hackers also downloaded configuration and implementation files related to some customer systems. These files could help attackers identify weaknesses and potentially compromise customer networks.
F5 noted that the U.S. Department of Justice allowed the company to delay public disclosure, likely due to potential risks to national security or public safety. The company did not name any specific government or nation-state responsible, and declined to comment on the number of affected customers or the initial method of intrusion.
F5 serves over 1,000 corporate clients, including more than 85 percent of the Fortune 500, covering banks, tech firms, and critical infrastructure providers.
Following the disclosure, the U.K.’s National Cyber Security Centre warned that the breach could enable threat actors to exploit F5 devices and software. The U.S. Cybersecurity and Infrastructure Security Agency issued an emergency directive requiring federal civilian agencies to patch affected systems by October 22.
F5 joins a growing list of tech companies targeted by government-backed hackers in recent years. High-profile incidents include Microsoft, targeted by China and Russia; Hewlett Packard Enterprise; and other firms affected by the broader Russian cyberattack on SolarWinds.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream formerly known as CIO News LinkedIn Account | The Mainstream formerly known as CIO News Facebook | The Mainstream formerly known as CIO News Youtube | The Mainstream formerly known as CIO News Twitter |The Mainstream formerly known as CIO News Whatsapp Channel | The Mainstream formerly known as CIO News Instagram
About us:
The Mainstream formerly known as CIO News is a premier platform dedicated to delivering latest news, updates, and insights from the tech industry. With its strong foundation of intellectual property and thought leadership, the platform is well-positioned to stay ahead of the curve and lead conversations about how technology shapes our world. From its early days as CIO News to its rebranding as The Mainstream on November 28, 2024, it has been expanding its global reach, targeting key markets in the Middle East & Africa, ASEAN, the USA, and the UK. The Mainstream is a vision to put technology at the center of every conversation, inspiring professionals and organizations to embrace the future of tech.
