Security Advisor

FBI Issues Malware Attack Warning for Businesses After Sony Hack

U.S. companies should be on the lookout for wiper malware that could brick computers.

The FBI released a confidential five-page report on Monday that warns of a sophisticated wiper malware that could be targeting U.S. businesses.

In the "flash" report that was sent to businesses who were advised to keep the report a secret, the FBI outlined that the malware had already been used against an unidentified corporate target. Reuters, who has seen the released warning, reports that while the targeted company was not named, it's believed to be connected to last week's cyber attack on Sony Pictures Online. The media company's network was allegedly breached and many of the company's holiday movies, including "Annie" and "Fury," were leaked online and large portions of its network services, including e-mail, were brought offline. A message was also displayed on affected systems saying the Sony network was "Hacked By #GOP," short for a hacker group named Guardians of Peace.

Providing some technical detail to businesses, the FBI said the malware can wipe all the contents of a system, leading to it not being able to boot up. "The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods," read the report, according to Reuters.

While little information was given on the identity of those responsible, the report stated that the malware was built using Korean language development tools. North Korea is suspected to be involved based off the similarities between the malware attack against Sony Pictures Online and a 2013 attack against South Korean banks, Middle East oil producers and worldwide media outlets, according to The New York Times.

The Times theorized that the possible motive for the attack could be this month's release of "The Interview," a comedy in which individuals try to infiltrate North Korea in an attempt to assassinate Kim Jong Un. Sony Pictures Entertainment, in conjunction with law enforcement agencies, is currently investigating if the attacks did originate from North Korea.

The report provided details for corporate IT to look out for in case of a similar attack hits their network, and includes instructions on what to do if a suspected breach occurs.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Basic Authentication Extended to 2H 2021 for Exchange Online Users

    Microsoft is now planning to disable Basic Authentication use with its Exchange Online service sometime in the "second half of 2021," according to a Friday announcement.

  • Microsoft Offers Endpoint Configuration Manager Advice for Keeping Remote Clients Patched

    Microsoft this week offered advice for organizations using Microsoft Endpoint Configuration Manager with remote Windows systems that need to get patched, and it also announced Update 2002.

  • Azure Edge Zones Hit Preview

    Azure Edge Zones, a new edge computing technology from Microsoft designed to enable new scenarios for developers and partners, emerged as a preview release this week.

  • Microsoft Shifts 2020 Events To Be Online Only

    Microsoft is shifting its big events this year to be online only, including Ignite 2020.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.