FBI Warns Of Destructive Cyber-Attacks Following Sony Pictures Breach

Matthew Broersma,
Hacker, cyber crime © Stokkete, Shutterstock 2014

The FBI has issued a warning on a major cyber-attack that leaves hard drives unusable

The FBI has warned US companies of a destructive cyber-attack in an alert that industry experts say appears to refer to the hack of Sony Pictures last week.

The five-page “flash” warning, issued late on Monday, gives technical details of the malware used in the attack, which it says makes computer hard drives unusable, meaning they must be replaced or re-imaged from scratch

Hard drives wiped

cyber attackAccording to Reuters, which independently obtained a copy of the report, the warning was sent to security officers of some US companies, with a request that the details remain private.

“The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods,” the report apparently said.

Industry observers have said the attack on Sony marks the first time a major, destructive cyber-attack has been carried out against a company in the US. The attack disabled the Sony subsidiary’s corporate email for a week, affected other systems and resulted in several Sony films being leaked online.

Reuters said two unnamed security experts said the data in the FBI warning matched information about the Sony hack. The FBI confirmed it had sent the advisory, but didn’t give further details.

Unknown attackers

Some of the software used in the attack was compiled in Korean, according to the technical section of the FBI’s report, which may back up speculation of North Korean involvement in the incident. Other reports have suggested a group called Guardians Of Peace (GOP) carried out the attack as part of a blackmail operation.

The FBI said the source of the attack remains unknown and the bureau is coordinating its investigation with the US’ Department of Homeland Security. For its part, Sony hired FireEye’s Mandiant incident response team to help deal with the attack.

The Japanese firm has been hit by several high-profile attacks in recent years. In August, Sony’s PlayStation Network (PSN) was taken offline for several hours by a distributed denial-of-service (DDoS) attack, that also affected other online gaming networks, including Blizzard’s Battle.net, Grinding Gear Games and Microsoft’s Xbox Live.

However the most notable incident was a 2011 attack on the PSN that took it offline for a week, and led to the compromise of 77 million users’ credit card details. The incident had a significant financial impact on Sony’s results at the time, and Sony was also fined £250,000 by the ICO in the UK. In July last year it decided not to appeal the penalty on “security grounds”.

Are you a security pro? Try our quiz!