The US Federal Bureau of Investigation (FBI) is warning businesses that hackers are using malicious software to destroy computer systems, after the destructive hacking of Sony Pictures.
The FBI report, seen by the Guardian, details software used an attack saying that it marked the first destructive cyberattack on a US company.
The FBI does not specifically name Sony Pictures, as is typical of the law enforcement agency, but the Guardian understands that the details come from the attack on Sony Pictures that took control and crippled the studio’s computer systems across its US and international offices.
“The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods,” says the report.
Similar to Saudi Aramco attacks
The attacks appear to have the same modus operandi as those launched against oil giant Saudi Aramco from 2012, which left 30,000 computers inoperable, according to Troels Oerting, director of Europol’s Cyber Crime Centre.
“The FBI routinely advises private industry of various cyber threat indicators observed during the course of our investigations,” a FBI spokesman told Reuters. “This data is provided in order to help systems administrators guard against the actions of persistent cyber criminals.”
The hacking group Guardians of Peace (Gop) claimed responsibility for the hack on Sony Pictures, which saw staff reduced to using pen, paper and fax machines, unable to use their computers. Sources told the Guardian that 70% of files, documents and even film scripts had been deleted.
‘Keep the focus on who performed the hack’
Five Sony Pictures films were leaked onto the internet via file-sharing sites, including Brad Pitt’s Fury as a consequence of the attack. Confidential data, including login details, movie and TV deals and staff payroll details were also leaked onto the internet.
The original links to the leaks on the anonymous text sharing site Pastebin and file-sharing site Mega have now been removed, but it is believed many will still be able to download the files over peer-to-peer networks.
“People will download it anyway and start mirroring it on other torrents, just a matter of time,” said Yonathan Klijnsma, cybercrime security expert from Fox-IT. “Even going after people downloading this is a lost cause [for Sony]. Keep the focus on who performed the hack, that’s where they need to go.”
Several reports have implicated North Korea in the attack on Sony Pictures, which country officials failed to deny. The movie studio is set to release Seth Rogan’s latest film The Interview, a comedy that depicts an assassination attempt on Kim Jong-un.
The North Korean ambassador Ja Song Nam labelled the comedy’s release an “act of war” in a letter to the UN secretary general, Ban Ki-moon, in July, while the North Korean foreign ministry threatened “merciless counter-measures” if the US allowed the release of the film.
Source: Guardian News