It was one thing to hack into and leak celebrities’ private photos, but what about their Social Security and tax ID numbers? In the latest major cyber crime reported, a group calling itself the #GOP, a.k.a. “Guardians of Peace,” did just that when they managed to bring down the computer network at Sony Pictures Entertainment.
Not only did the hackers infiltrate the company’s systems to post threatening messages, they also accessed data on more than 47,000 employees dating back to 2000, along with information such as home addresses, healthcare information, contracts, and salaries, and posted it for sharing on networks such as BitTorrent, a peer-to-peer file-sharing platform. Even Twitter passwords were hacked and accounts taken over before Sony Pictures could regain control. The company had to resort to shutting down its systems and using pen and paper to communicate securely.
Though Sony Pictures was set to lay blame for the attack at the feet of North Korea, the FBI wasn’t sold. This was in light of the fact that Sony Pictures will be releasing a comedy caper in the coming weeks about a plot to kill North Korea’s leader Kim Jong Un.
A senior FBI official said they were not able to confirm the hacking came from Pyongyang or any affiliated groups, despite early reports that the malware deployed was created on a machine with Korean language settings. North Korea has since denied responsibility for the crime.
The fallout continued when Sony’s PlayStation store was taken down through a DDoS attack earlier this week. Unlike the aforementioned theft of personal information, a distributed denial-of-service (DDoS) attack happens when a digital army is deployed to flood a site with messages and force it to shut down. Such attacks are inexpensive to launch (about $7 per hour), and internet security provider Defense.net estimates that DDoS attacks were up sixteen-fold over 2013. Individual company losses due to this cybercrime were as high as $58 million.
Sony’s movie studio may have to shell out about $100 million to investigate the attack, repair or replace damaged computers, and secure its systems against future threats, according to a report by Re/Code. Though Sony Pictures Entertainment reported profits in excess of $500 million for its last fiscal year, some security analysts say the theft of personal information could have been prevented.
Ken Levine, chief executive of security firm Digital Guardian, told Ars Technica, “What we are saying is, not that all breaches are preventable, but what the bad guys get from the breach is absolutely preventable.”
The attack itself, though, was so sophisticated that even the security firm hired by the company asserted that it couldn’t have been prevented entirely. And part of the data stolen could impact other vulnerable businesses. Security certificates used by Sony from trusted providers could be used to feed other malicious code, according to security firm Kaspersky Lab.
So far, the firm says, dozens of files containing the private key and certificate have been leaked online. Though they are password protected, the firm says they can be cracked. “Not all of these PFX files will be of immediate value to attackers,” the researchers wrote in a statement. “The importance of leaked code-signing keys cannot be overestimated. Software signed by a trusted publishing house will generally be trusted by the operating system, security software and first responders. It’s an extremely powerful way for attackers to stay below the radar.”
Have you taken the appropriate measures to ensure your systems won’t be taken down by future hackers and malware?