U.S. cybersecurity company F5 closed down 10% on Thursday after disclosing a system breach in which a “highly sophisticated nation-state threat actor” gained long-term access to some systems.
The stock had its worst day since April 27, 2022, when it fell 12.8%.
The company disclosed the breach in a Securities and Exchange Commission filing on Wednesday and said the hack affected its BIG-IP product development environment. F5 said the attacker infiltrated files containing some source code and information on “undisclosed vulnerabilities” in BIG-IP.
The breach was later attributed to state-backed hackers from China, Bloomberg reported, citing people familiar with the matter.
F5, which was made aware of the attack in August, said it has not seen evidence of any new unauthorized activity.
“We have no knowledge of undisclosed critical or remote code vulnerabilities, and we are not aware of active exploitation of any undisclosed F5 vulnerabilities,” F5 said in a statement.
The cybersecurity giant told customers that hackers had been in the network for at least 12 months and that the breach used malware called Brickstorm, according to Bloomberg.
F5 would not confirm the information.
Brickstorm is attributed to a suspected China-nexus threat dubbed UNC5221, Google Threat Intelligence Group said in a blog post. The malware is used for maintaining “long-term stealthy access” and can remain undetected in victim systems for an average of 393 days, according to Mandiant.
The attack prompted an emergency directive from the Cybersecurity and Infrastructure Security Agency on Wednesday, telling all agencies using F5 software or products to apply the latest update.
“The alarming ease with which these vulnerabilities can be exploited by malicious actors demands immediate and decisive action from all federal agencies,” CISA Acting Director Madhu Gottumukkala said. “These same risks extend to any organization using this technology, potentially leading to a catastrophic compromise of critical information systems.”
The UK’s National Cyber Security Centre also issued guidance for the F5 attack, advising customers to install security updates and continue monitoring for threats.