The Federal Bureau of Investigation (FBI) has warned US businesses that computer hackers or other cyber criminals have used malicious software to launch what it calls “destructive” attacks against American organisations.
The warning – intitially reported by Reuters – comes following a cyber attack on Sony Pictures Entertainment, which saw the company forced to turn off its systems as a dramatic precaution. The attack made several Sony films available on the internet, with North Korea suspected of being the culprit of the attack.
North Korea is upset about an upcoming comedy film by Sony Pictures which depicts an attempted assassination of the country’s leader, Kim Jong-un. North Korea hasn’t denied a role in the cyber attack and when asked about involvement, a spokesman only responded with “wait and see”.
Whoever the culprits behind the attacks on Sony Pictures Entertainment are, Sony as a company doesn’t have the greatest track record when it comes to defending against cyber attacks. In August this year, Sony’s PlayStation Network – which forms the backbone of PlayStation 4’s online services – was taken down following an attack.
Not only that, but the PlayStation Network was infamously offline for a whole month following a security breach in April 2011.
The latest attack against Sony has prompted the FBI to warn US businesses that they need to protect their systems from “destructive” cyber attacks.
“The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods,” the report said.
The five-page report – which was supposed to remain confidential – was released to US businesses on Monday and contained information about some of the malicious software used in cyber attacks.
It also contains information about how to respond if systems are thought to be infected by malware and details on how to directly contact the FBI if businesses think they’ve been the victim of a cyber attack.
The FBI has however declined to state whether the report mentions the specific malware used in the attack against Sony, but admitted the agency had sent out a “flash” warning to US businesses.
“The FBI routinely advises private industry of various cyber threat indicators observed during the course of our investigations,” said FBI spokesman Joshua Campbell.
“This data is provided in order to help systems administrators guard against the actions of persistent cyber criminals,” he added.
Commenting on the nature of the Sony hack, a Malwarebytes spokesperson observed that the attack was designed to generate a lot of publicity.
“What’s particularly interesting about this recent attack is its destructive nature. This goes against the grain of today’s sophisticated corporate malware, which is usually designed to secretly gather valuable information whilst remaining under the radar,” they said
“By contrast, it seems that the intention of these attacks was purely disruptive,” the spokesperson continued.
“As always in these situations, people should listen to the advice given by government agencies and prepare themselves appropriately,” they added.
Research suggests that nation states are increasingly becoming the perpetrators of cyber attacks, either by launching attacks themselves, or by sponsoring hackers to do it on their behalf.