http://www.csoonline.com/article/2854672/business-continuity/the-breach-at-sony-pictures-is-no-longer-just-an-it-issue.html
By Steve Ragan
Salted Hash
CSO
Dec 2, 2014
I'm going to make a prediction.
The breach at Sony Pictures has nothing to do with North Korea, aside form
the fact that the destructive malware believed to be present on Sony's
network is similar to the malware used in South Korea in 2013 - an
incident that was blamed on North Korea.
Furthermore, I predict there will be an insider aspect to Sony's breach.
The first part of the attack on Sony centered on compromising records,
once done, the attackers planted malware that was timed - based on the FBI
memo - to activate just before Thanksgiving. The easiest way to accomplish
this task - assuming I'm right - is by having someone on the inside with
just enough access that everything looks normal with a passive glance at
the logs.
The second part of the attack on Sony is the aftermath, including the
financial burden of dealing with box office losses, employee issues, as
well as any fines that are sure to be levied. Sony's just starting to
enter this phase.
On Monday, GOP (Guardians of Peace), the group claiming responsibility for
the attack on Sony, pushed 25GBs worth of data to the public domain. They
say this is only a fraction of the data they were able to compromise,
suggesting to one media outlet that they were harvesting records for more
than a year before making themselves known.
A year.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
