Monday 8 December 2014

Sony Malware May Be Linked To Other Damaging Attacks

Identification of Technical Evidence at Sony Corp’s Hollywood Studio

Researchers of Cyber security have identified what according to them is technical evidence linking massive breach at Sony Corp’s Hollywood studio with the attacks in South Korea and the Middle East. Kaspersky Lab, a Moscow based security software maker stated that it has uncovered evidence that all the three campaigns could have been launched by one group or it could have been facilitated by an individual organisation who are well versed in working with destructive malware.

Cyber attackers had damaged thousands of computers at Saudi Arabia’s national oil company as well as Qatar’s RasGas with virus known as Shamoon in 2012, which is one of the most destructive campaigns till date and Iran has been blamed by the U.S. officials.

A year ago, over 30,000 PCs were affected at South Korean banks as well as broadcasting companies by similar attack that cyber security researchers were of the belief that it was launched from North Korea. Kurt Baumgartner, Kaspersky researcher informed Reuters that there are `unusually striking similarities’ which are related to the malicious software and techniques in both the campaigns and the Sony attack on Nov. 24 in which a malware was dubbed `Destover’, was used.

Perpetrator Access to Confidential Information 

The attack had crippled the computer systems giving the perpetrator access to confidential employee information which also included the executive salaries. The attack is said to have used a so called wiper virus which can erase data and has the capabilities of bringing down networks with thousands of computers thereby preventing companies in conducting their business.Similarities were described by Baumgartner in depth in a technical blog which was published recently on Kaspersky’s website.

He stated in an interview that `it could be a single actor or it could be that there are trainers or individuals who float across groups’. According to him he states that the evidence indicate that the hackers from North Korea were the cause of the attack on Sony though it is unclear whether they work directly for the government.

Several of the cyber security researchers are not in agreement with Kaspersky’s interpretation of the technical evidence. Symantec Corp. a California based company had stated in a blog post that it also sees similarities between the attacks against Sony and the Shamoon campaign and attributes it to being copied stating that there does not seem to be any evidence that the same group is behind both attacks.

Critical Infrastructure At Risk

Chertoff co-founder and executive chairman of The Chertoff Group, which is a global security consultancy based in Washington commented in an interview that `either for political or economic reasons at some point, sophisticated actors are going to be more willing to use destructive malware.

He adds further that Sony attack shows that critical infrastructure is at risk and the potential for cyber weapons to be deployed continues to increase. Cyber security companies fear for more destructive attacks in the forthcoming months.

Chief executive officer, Ron Gula, for Tenable Network Security Inc., which is based in Columbia, Maryland comments, `if attacks like those against Sony continue against other U.S. companies, 2015 could be a year of disrupted services’.

No comments:

Post a Comment

Note: only a member of this blog may post a comment.