Categories: Security

FBI Warns Of Destructive Cyber-Attacks Following Sony Pictures Breach

The FBI has warned US companies of a destructive cyber-attack in an alert that industry experts say appears to refer to the hack of Sony Pictures last week.

The five-page “flash” warning, issued late on Monday, gives technical details of the malware used in the attack, which it says makes computer hard drives unusable, meaning they must be replaced or re-imaged from scratch

Hard drives wiped

According to Reuters, which independently obtained a copy of the report, the warning was sent to security officers of some US companies, with a request that the details remain private.

“The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods,” the report apparently said.

Industry observers have said the attack on Sony marks the first time a major, destructive cyber-attack has been carried out against a company in the US. The attack disabled the Sony subsidiary’s corporate email for a week, affected other systems and resulted in several Sony films being leaked online.

Reuters said two unnamed security experts said the data in the FBI warning matched information about the Sony hack. The FBI confirmed it had sent the advisory, but didn’t give further details.

Unknown attackers

Some of the software used in the attack was compiled in Korean, according to the technical section of the FBI’s report, which may back up speculation of North Korean involvement in the incident. Other reports have suggested a group called Guardians Of Peace (GOP) carried out the attack as part of a blackmail operation.

The FBI said the source of the attack remains unknown and the bureau is coordinating its investigation with the US’ Department of Homeland Security. For its part, Sony hired FireEye’s Mandiant incident response team to help deal with the attack.

The Japanese firm has been hit by several high-profile attacks in recent years. In August, Sony’s PlayStation Network (PSN) was taken offline for several hours by a distributed denial-of-service (DDoS) attack, that also affected other online gaming networks, including Blizzard’s Battle.net, Grinding Gear Games and Microsoft’s Xbox Live.

However the most notable incident was a 2011 attack on the PSN that took it offline for a week, and led to the compromise of 77 million users’ credit card details. The incident had a significant financial impact on Sony’s results at the time, and Sony was also fined £250,000 by the ICO in the UK. In July last year it decided not to appeal the penalty on “security grounds”.

Are you a security pro? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

UN Body To Protect Subsea Cables Holds First Meeting

United Nations body to protect undersea communications cables that are crucial for international trade and…

21 mins ago

Meta Donates $1 Million To Donald Trump Inauguration Fund

Weeks after CEO Mark Zuckerberg met with Donald Trump privately at Mar-a-Lago, comes news of…

2 hours ago

US To Raise Tariffs On Chinese Solar Wafers, Polysilicon, Tungsten

Protecting American clean energy businesses. Biden administration plans to raise tariffs on certain Chinese products

3 hours ago

Australia To ‘Charge’ Tech Firms For News Content, After Meta Ends Licensing Deal

News fee. Australia looks introduce mandatory charge on social media platforms and search engines to…

3 hours ago