The Associated Press confirmed that the FBI is investigating an attack on Sony Pictures’ website, which caused major disruption of corporate email service for a week and problems with other internal systems. Sony employees reported seeing an image of a red skull on their screens with the message “Hacked by #GOP,”the initials of a group called Guardians of Peace. Unauthorized file sharing websites are now distributing copies of Sony films still in theaters and others that have not yet been released, causing severe economic losses.
The Sony intrusion shows that bad actors not only want to steal proprietary information, but are capable of inflicting great damage onto corporate networks. Sony lost its email service for about a week—that is devastating to its critical processes. Early reports say that Sony’s network may take up to three weeks to return back to normal. Whether the attackers were the North Korean organization #Guardians of Peace or someone else, attacking and damaging a company’s email server and database is a serious escalation in tactics.
As with most intrusions, email was the most likely initial attack vector. Reports, however, discuss how the malware is not new, and has been used previously on a number of banks and media companies. Once the malware information is released and we learn exactly what was used and how, we will analyze and provide updates.
EdgeWave EPIC is a Military-Grade approach to cyber security that combines expert analyst review, advanced technology, and a rigorous cyber operations approach to deliver real-time, active defense against cyber threats. Learn more or watch a short video.