Security Advisor
FBI Issues Malware Attack Warning for Businesses After Sony Hack
U.S. companies should be on the lookout for wiper malware that could brick computers.
The FBI released a confidential five-page report on Monday that warns of a sophisticated wiper malware that could be targeting U.S. businesses.
In the "flash" report that was sent to businesses who were advised to keep the report a secret, the FBI outlined that the malware had already been used against an unidentified corporate target. Reuters, who has seen the released warning, reports that while the targeted company was not named, it's believed to be connected to last week's cyber attack on Sony Pictures Online. The media company's network was allegedly breached and many of the company's holiday movies, including "Annie" and "Fury," were leaked online and large portions of its network services, including e-mail, were brought offline. A message was also displayed on affected systems saying the Sony network was "Hacked By #GOP," short for a hacker group named Guardians of Peace.
Providing some technical detail to businesses, the FBI said the malware can wipe all the contents of a system, leading to it not being able to boot up. "The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods," read the report, according to Reuters.
While little information was given on the identity of those responsible, the report stated that the malware was built using Korean language development tools. North Korea is suspected to be involved based off the similarities between the malware attack against Sony Pictures Online and a 2013 attack against South Korean banks, Middle East oil producers and worldwide media outlets, according to The New York Times.
The Times theorized that the possible motive for the attack could be this month's release of "The Interview," a comedy in which individuals try to infiltrate North Korea in an attempt to assassinate Kim Jong Un. Sony Pictures Entertainment, in conjunction with law enforcement agencies, is currently investigating if the attacks did originate from North Korea.
The report provided details for corporate IT to look out for in case of a similar attack hits their network, and includes instructions on what to do if a suspected breach occurs.