FBI in malware warning to US companies after cyber attack targets Sony Pictures
PUBLISHED : Wednesday, 03 December, 2014, 4:07am
UPDATED : Wednesday, 03 December, 2014, 4:07am
Reuters in Boston
Sony Pictures Entertainment was under a destructive cyberattack last week. Photo: Reuters
The Federal Bureau of Investigation has warned US businesses that hackers have used malicious software to launch a destructive cyberattack in the United States, following a devastating breach last week at Sony Pictures Entertainment.
Cybersecurity experts said the malicious software described in the alert appeared to describe the one that affected Sony, which would mark the first major destructive cyberattack waged against a company on US soil. Such attacks have been launched in Asia and the Middle East, but none have been reported in the US. The FBI report did not say how many companies had been victims of destructive attacks.
"I believe the coordinated cyberattack with destructive payloads against a corporation in the US represents a watershed event," said Tom Kellermann, chief cybersecurity officer with security software maker Trend Micro. "Geopolitics now serve as harbingers for destructive cyberattacks."
The five-page, confidential "flash" FBI warning issued to businesses late on Monday provided some technical details about the malicious software used in the attack. It provided advice on how to respond to the malware and asked businesses to contact the FBI if they identified similar malware.
The report says the malware overrides all data on hard drives of computers, including the master boot record, which prevents them from booting up.
"The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods," the report said.
The FBI released the document in the wake of last Monday's unprecedented attack on Sony Pictures Entertainment, which brought corporate email down for a week and crippled other systems as the company prepares to release several highly anticipated films during the crucial holiday season.
A Sony spokeswoman said the company was "working closely with law enforcement officials".
While the FBI report did not name the victim of the destructive attack in its bulletin, two cybersecurity experts who reviewed the document said it was clearly referring to the breach at the California-based unit of Sony Corporation.
FBI spokesman Joshua Campbell declined to comment when asked if the software had been used against Sony, although he confirmed that the agency had issued the confidential "flash" warning.
"The FBI routinely advises private industry of various cyberthreat indicators observed during the course of our investigations," he said. "This data is provided to help systems administrators guard against the actions of persistent cybercriminals."
Monday's FBI report said the attackers were "unknown".
Yet the technology news site Re/code reported that Sony was investigating to determine whether hackers working on behalf of North Korea were responsible for the attack as retribution for the company's backing of the film The Interview, which mocks Pyongyang.
