Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Sony The First To Be Hit With Destructive Payload

    SONY_HACKSony has been hacked several times, and should have learned their lesson a while ago, but no. This time it is really bad though. Late yesterday the FBI warned U.S. business that the hackers used malware with a destructive payload to bring down Sony Pictures Entertainment.

    Sony Pictures is in digital lockdown while it investigates a breach in which intruders reportedly stole more than 200MB of data and defaced employees' workstations. Sony Pictures staff are being asked to disconnect computers and personal devices from the network and to shut down VPNs.

    The five-page, confidential "flash" FBI warning issued to businesses late on Monday provided some technical details about the malicious software used in the attack. It provided advice on how to respond to the malware and asked businesses to contact the FBI if they identified similar malware.

    The report said the malware overrides all data on hard drives of computers, including the master boot record, which prevents them from booting up. Sony has hired FireEye Inc’s Mandiant incident response team to help clean up after the attack, a move that experts say indicates the severity of the breach.

    Sony is investigating to determine whether hackers working on behalf of North Korea are responsible for the attack. This would be revenge for the company’s backing of the film "The Interview" which comes out Dec. 25.
    it's a comedy about two journalists recruited by the CIA to assassinate North Korean leader Kim Jong Un. The North Korea government denounced the film as "sponsoring of terrorism" in a letter to United Nations.

    The technical section of the FBI report said some of the software used by the hackers had been compiled in Korean, but it did not discuss any possible connection to North Korea. More at Reuters who got their hands on the FBI report:

    A person claiming to be one of the hackers responsible for the attack said they had been aided by Sony employees. The alleged hacker also told The Verge that IT security at Sony Pictures is lax: “Sony doesn’t lock their doors, physically, so we worked with other staff with similar interests to get in.”

    Looks to me like they should have a look at the outer layer of Defense-In-Depth: Policy, Procedure and Awareness. 

     

     

     

    Return To KnowBe4 Security Blog

    Topics: Security Awareness Training, Cybercrime, Hacking

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews