Security Advisor

FBI Issues Malware Attack Warning for Businesses After Sony Hack

U.S. companies should be on the lookout for wiper malware that could brick computers.

The FBI released a confidential five-page report on Monday that warns of a sophisticated wiper malware that could be targeting U.S. businesses.

In the "flash" report that was sent to businesses who were advised to keep the report a secret, the FBI outlined that the malware had already been used against an unidentified corporate target. Reuters, who has seen the released warning, reports that while the targeted company was not named, it's believed to be connected to last week's cyber attack on Sony Pictures Online. The media company's network was allegedly breached and many of the company's holiday movies, including "Annie" and "Fury," were leaked online and large portions of its network services, including e-mail, were brought offline. A message was also displayed on affected systems saying the Sony network was "Hacked By #GOP," short for a hacker group named Guardians of Peace.

Providing some technical detail to businesses, the FBI said the malware can wipe all the contents of a system, leading to it not being able to boot up. "The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods," read the report, according to Reuters.

While little information was given on the identity of those responsible, the report stated that the malware was built using Korean language development tools. North Korea is suspected to be involved based off the similarities between the malware attack against Sony Pictures Online and a 2013 attack against South Korean banks, Middle East oil producers and worldwide media outlets, according to The New York Times.

The Times theorized that the possible motive for the attack could be this month's release of "The Interview," a comedy in which individuals try to infiltrate North Korea in an attempt to assassinate Kim Jong Un. Sony Pictures Entertainment, in conjunction with law enforcement agencies, is currently investigating if the attacks did originate from North Korea.

The report provided details for corporate IT to look out for in case of a similar attack hits their network, and includes instructions on what to do if a suspected breach occurs.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Surface and ARM: Why Microsoft Shouldn't Follow Apple's Lead and Dump Intel

    Microsoft's current Surface flagship, the Surface Pro X, already runs on ARM. But as the ill-fated Surface RT showed, going all-in on ARM never did Microsoft many favors.

  • IT Security Isn't Supposed To Be Easy

    Joey explains why it's worth it to endure a little inconvenience for the long-term benefits of a password manager and multifactor authentication.

  • Microsoft Makes It Easier To Self-Provision PCs via Windows Autopilot When VPNs Are Used

    Microsoft announced this week that the Windows Autopilot service used with Microsoft Intune now supports enrolling devices, even in cases where virtual private networks (VPNs) might get in the way.

  • Most Microsoft Retail Locations To Shut Down

    Microsoft is pivoting its retail operations to focus more on online sales, a plan that would mean the closing of most physical Microsoft Store locations.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.