Cyber giant F5 Networks says government hackers had ‘long-term’ access to its systems, stole code and customer data

Summary

Cybersecurity firm F5 Networks says government-backed hackers had “long-term, persistent access” to its network, which allowed them to steal the company’s source code and customer information. In a filing with the U.S. Securities and Exchange Commission on Wednesday, F5 said it now “believes its containment actions have been successful,” after first discovering the hackers in its network on August 9. The Seattle, Washington-based company, which specializes in providing application security and cybersecurity defenses for large companies and governments, said the hackers had access to its BIG-IP product development environment and its knowledge management systems, which included source code and undisclosed security vulnerabilities. F5 said it wasn’t aware of any modifications to its software while in development, nor was it aware of any exploitation of the vulnerabilities. The company published several updates on Wednesday for its BIG-IP platform to fix the undisclosed security flaws and urged customers to patch them. The company also said the hackers downloaded configurations and implementation information about some of its customers’ systems, files that could help hackers find and exploit potential design weaknesses, and potentially hack into those customers’ systems. F5 said in the notice that the U.S. Department of Justice allowed the company to delay its public disclosure. An F5 spokesperson would not say for what reason the delay was allowed, but the DOJ can allow companies to hold off on notifying the public if there is a “substantial risk to national security or public safety.” F5 has over 1,000 corporate customers and serves more than 85% of the Fortune 500, the largest public companies by revenue, including banks, tech companies, and critical infrastructure companies. The U.K.’s National Cyber Security Centre warned on Wednesday, following F5’s disclosure, that hackers could “enable a threat actor to exploit F5 devices and software.” CISA said in an email on...