Filed Under:Carrier Innovations, Analytics & Data

North Korea could be behind Sony breach

Sony Pictures Entertainment headquarters in Culver City, Calif. (AP Photo/Nick Ut)
Sony Pictures Entertainment headquarters in Culver City, Calif. (AP Photo/Nick Ut)

(Bloomberg) -- North Korea may have had a hand in a digital attack against Sony Pictures that used destructive malware to disable systems and destroy data, according to two people with the knowledge of the investigation.

Some of the malware contained Korean language code, and other aspects of the breach bear important similarities to attacks that wiped out the computers of South Korean banks and broadcasters in March 2013, said the people, who weren’t authorized to speak publicly and asked not to be identified.

The FBI sent a flash alert to U.S. companies about the malware yesterday, mentioning the use of Korean language, while not linking it directly to the Nov. 25 attack on Sony Corp.’s Culver City, California-based entertainment unit. One of the people confirmed the alert refers to malware in the Sony case.

“We consider that the theories regarding the attribution to North Korea are credible,” said John Hultquist, senior cyber espionage practice lead at iSight Partners, a Dallas-based cybersecurity company.

ISight isn’t involved in the Sony investigation. It has analyzed other destructive attacks linked to North Korean hackers, Hultquist said.

The malware, designed by unknown operators, has the ability to overwrite data files, including what’s called the master boot record, making computers unusable, the FBI said in its five-page alert to companies.

The use of destructive malware has been a hallmark of North Korean attacks, including devastating attacks last year against some of South Korea’s largest banks and at least two major television broadcasters.

Crippling Assault

The attack on Sony crippled its computer systems, forcing some employees to communicate by text message.

The attackers also were able to obtain copies of recent and imminent motion-picture releases that were then posted on the Internet for download.

The breach occurred a month before the scheduled release of “The Interview,” a comedy about a CIA plot to kill North Korea’s leader, Kim Jong-Un.

The Seth Rogen film, currently advertised for release on Dec. 25, features Rogen and James Franco as TV producers who are recruited by the Central Intelligence Agency to assassinate Kim. Plans for the film drew a rebuke from the country, with a foreign ministry spokesman saying in state media that the release would be an “act of war,” according to the BBC.

“In furtherance of public-private partnerships, the FBI routinely advises private industry of various cyber threat indicators observed during the course of our investigations,” Joshua Campbell, a bureau spokesman, said in an e-mail. “This data is provided in order to help systems administrators guard against the actions of persistent cyber criminals.”

Copyright 2017 Bloomberg. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Related

Unreleased films stolen in Sony cyber attack

The company faces holiday box office losses after unreleased films were leaked online in a cyber attack.

Featured Video

Most Recent Videos

Video Library ››

Top Story

Winners announced for NU’s Agency of the Year Award

The winners of NU’s 2017 Agency of the Year Award have been selected, and will be featured in profile stories in our October print edition and right here on PropertyCasualty360.com.

Top Story

Do you qualify for NU’s Excellence in Cyber Security Risk Management Award?

Gain your cybersecurity risk management program the recognition it deserves. Nominate your program for the NU Excellence in Cyber Security Risk Management Award today!

More Resources

Comments

eNewsletter Sign Up

Carrier Innovations eNewsletter

Critical news on the latest tech solutions, information security, analytics and data tools and regulatory changes to help decision-makers at insurance carriers keep their business thriving – FREE. Sign Up Now!

Mobile Phone

Advertisement. Closing in 15 seconds.