decides to respond will set the tone for a whole new kind of cyberwar.Ĭould the Sony hack happen to other companies? If that turns out to be the case, however the U.S. It’s unprecedented for a state actor to conduct a cyberattack of this scale against a U.S. “Are they native English speakers? What programming language do they use? The code will have styles, signatures and tells.”Īnd investigators are tracking the IP addresses from which the attack was launched, which in the case of the Sony hack included infected computers in locations ranging from Thailand to Italy. “There’s a lot of detective work you can do,” says former Department of Justice cybercrime prosecutor Mark Rasch. It may involve probing bulletin boards on the Dark Web, where hackers sometimes go to seek advice on technical troubles. Their investigation, outside security experts say, will be similar in some ways to the forensic analysis that follow a murder: studying data logs, reviewing network communications, poring over code, matching clues to potential motives. Sony has brought in experts at Mandiant, a top security firm, to lead the probe of the hack. FireEye, the parent company of the cybersecurity firm Sony hired to probe the hack, studied the network security of more than 1,200 banks, government agencies and manufacturers over a six-month period ending in 2014, and found that 97% had their last line of defense breached at some point by hackers. That can be a coding error or an employee who clicks on an infected link. Cyber-security experts say the initial breach could have occurred through a simple phishing or spearfishing attempt, in which the hackers find a soft spot in the company’s network defenses. “For now, my recommendation would be that people go to the movies,” Obama said. In an interview with ABC News on Wednesday, President Barack Obama called the hack against Sony “very serious,” but suggested authorities have yet to find any credibility in the threat of attacks against theaters. But it could, of course, be leaked online. Don’t expect to see it soon: Sony said late Wednesday it’s not planning any kind of release. It would also let Sony capitalize on all the sudden interest in the film generated by the hack and threats. That would eliminate pretty much any safety risk to viewers, but could further enrage whoever hacked Sony-assuming they actually care about The Interview and it’s not just a red herring. There’s also a chance Sony could release the film online. What will most likely happen is some limited release in the future when everything calms down, perhaps bypassing theaters and going right to Blu-Ray/DVD and on-demand services. Sony then followed suit, pulling the movie entirely. Department of Homeland Security said there wasn’t any evidence of a credible threat against American movie theaters, but several major chains, including AMC and Regal, decided to play it safe-all told, chains that control about half of the country’s movie screens decided against playing The Interview. People who may or may not have been tied to the hackers posted a vague message Tuesday threatening 9/11-style attacks against theaters that chose to play the film. For example, the perpetrators could’ve manipulated the code or set the computer language to throw suspicion on a convenient culprit. In the world of cyberwarfare, hackers will often dissect and imitate successful techniques.Įven the clues that point toward Pyongyang could be diversions to deflect investigators. That does not necessarily mean the North Korean government, or even the same hacker collective, is responsible. sees North Korea as culprit in Sony attack That group, which is alternately known in the cybersecurity community as DarkSeoul (after its frequent target) or Silent Chollima (after a mythical winged horse), often uses spear-phishing-a cyber-attack that targets a specific vulnerable user or department on a larger network. And the effort bore similarities to attacks by a hacking group with suspected ties to North Korea that has carried out attacks on South Korean targets, including a breach of South Korean banks in 2013. The attackers breached Sony’s network with malware that had been compiled on a Korean-language computer. From a forensic perspective, the hack had hallmarks of North Korean influence.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |