Posted on 12/01/2014 3:46:00 PM PST by Dacula
The FBI warned U.S. businesses that hackers have used malicious software to launch destructive attacks in the United States, following a devastating cyberattack last week at Sony Pictures Entertainment.
The five-page, confidential "flash" warning issued to businesses late on Monday provided some technical details about the malicious software that was used in the attack, though it did not name the victim.
An FBI spokesman declined comment when asked if the software had been used against the California-based unit of Sony Corp.
The Sony attack resulted in five films being leaked online, including the updated version of "Annie." In the attack on the studio's corporate systems Nov. 24, an image of a skeleton appeared on company computers with a message that said, "Hacked by #GOP," with the group behind it calling itself "Guardians of Peace."
The message threatened to release "secrets and top secrets" of the company. Currently being investigated is a connection between upcoming Sony movie "The Interview," and North Korea.
The FBI occasionally issues "flash" warnings to provide businesses with details about emerging cyber threats to help them defend against new types of attacks. It does not name the victims of those attacks in those reports.
The report said that the malware overrides data on hard drives of computers which can make them inoperable and shut down networks.
It is extremely difficult and costly, if not impossible, to recover hard drives that have been attacked with the malware, according to the report, which was distributed to security professionals at U.S. companies.
Tech Ping worthy?
Wonder if it can affect Macs?
Will ping swordmaker - he will know.
Malware coming out of Ferguson or the White Hut?
Unless you back up regularly and can afford to revert to an image prior to infection by keeping your private data off your hard drive. Then you revert and tell the SOBs to sit on it and spin.
N Korea
Why issue a “confidential” warning?
Using Flash is one way to get malware.
They ought to name it the ‘Rodman’ virus.
Professionals back up to grandfather drives. Meaning, backups on different hard drives. Let's say your current daily backup saves to another drive and both are infected. If you regularly back up the backup drive weekly to a third drive, then that third drive is unaffected. At most you lose a week's worth of new data. It's always a good idea to periodically swap backup drives and store one away as a backup to the backup (store in a safe). Especially if your daily backup is near your work drive; accidents do happen that can take out both drives. Even better, store a backup drive off site in case of fire or theft.
Are copies of the malware being uploaded immediately to IRS computers?
That is why I still prefer to have a tape backup somewhere. Doesn’t have to be every night anymore, but at least once a month or once a week and take it off-site. So many people are getting burned with using external drives as backups that get infected too along with the network drives.
No. Sony uses Microsoft Windows computers. Mac and Windows suffer from different types of malware. There are only about 50 trojans that will affect a Mac, and all of those are recognized by OS X which will block them from being downloaded, installed, or run, compared to millions of malware for the Windows platform.
Just got a nasty thing at the office computer.
Blank black screen with just movable cursor at the Win7 boot. Backups, restore don’t work. Wonder if that’s it.
Took me three days to get rid of it and restore sanity.
Slow Lerner and the IRS want to purchase the code
Sorry to hear about that. I run a Windows image in a partition on my Mac. If Windows crashes, I simply replace it with a fresh copy of a backed up image and restore data to that from backups. Painless. Best protection is to start with a fresh install, and restore data. Other guys periodically do fresh Windows installs, rather than repair a trashed OS.
Security through obfuscation is not a strategy, and working in a mixed environment as an IT architect, I can tell you that Macs are just as much a target for malicious content as Windows machines. Macs, like Linux machines, require several layers of behavioral checks to ensure the user really, really wants to install something. That doesn't make them immune to attacks, it just reduces their risk footprint.
What was the nature of the attack? Trojan? Modified/hacked real application? Web-based drive-by? USB drive infection?
What was its introduction vector - network, human, etc.?
Is it Windows-specific really -- i.e. an executable that only runs on Windows? Or is it only that it's presently tuned to Windows and could be readily tuned for Linux or Mac?
Was the damage at Sony done to the hard drives (hardware) or the drive format structure (filesystem) or the data stored in the filesystem (files, databases)?
Without more info, this is just a nebulous scary "Look out!" of little value....