US Firms Receive a Warning From FBI Regarding Destructive Malware Attacks
US firms have received a confidential flash warning issued by the FBI. The warning said that US firms' corporate data is at risk of being wiped by a new, highly destructive malware campaign designed specifically for that purpose.
The five-page warning, issued on Monday, contained technical details of the malware and tips on how to fight it and respond, according to Reuters, which obtained the report separately.
There is no clear link between the Sony hack and the FBI's statement that it has spotted a destructive cyber-attack on US soil for the first time; however, the timing of the two suggests that there may be some connection.
The cyber-attack on Sony Pictures was so severe that the company was forced to shut down its corporate network for a week and, as far as is known, it has now brought in FireEye business Mandiant to help respond to the incident.
Incident response firm Mandiant is well known for its part in unmasking the Chinese PLA units behind a few high-profile state-backed APT groups, as well as for its involvement in a few other large breaches, including the attack on Target Corp that took place in 2013.
Returning to the attacks themselves: as the FBI report apparently states, the malware prevents a victim company's hard drives from booting by overwriting data on them, including the MBR (master boot record).
According to Reuters, the report explained that recovering overwritten data files using standard forensic methods will be not just costly but also extremely difficult or close to impossible.
As of now, the attackers have yet to be identified; however, news surfaced on Monday that they could be linked to North Korea and carried out the attack on Sony Pictures in retribution for its backing of a new film, The Interview, which publicly and sarcastically criticizes the totalitarian state.
Following the cyber-attack, a total of five films from Sony Pictures have been leaked online, including the war movie “Fury,” featuring Brad Pitt. It was reportedly the No. 2 most-downloaded movie on the torrent file-sharing website The Pirate Bay.
North Korea is notorious for destructive online attacks and has also been blamed for knocking out computers at a few banks and TV stations in the South Korean capital last year during the Dark Seoul campaign. Banking services for customers also went offline because of these attacks.
Piers Wilson, head of product management at Tier-3 Huntsman, argued that because state-sponsored attacks now technically put all organizations at risk, much greater alertness is necessary to detect and respond quickly.
Wilson noted that it is vital to be able to detect a possible attack while it is in progress, especially one that will have harmful consequences, and to be able not just to understand it but also to contain and prevent it, or the threat it poses, before data is leaked in large amounts or even destroyed. Either outcome would mean hard times for the company, for quite obvious reasons.
Because such attacks are simply hard to predict, companies need to make sure that they can identify potentially dangerous behavior by systems or personnel and act quickly to eliminate the threat before it is too late.
A spokesperson for Malwarebytes said that US businesses should pay attention to the FBI's advice. They added that the destructive nature of this recent attack is especially interesting. Today's refined corporate malware is usually designed to gather valuable data and information “under the hood,” in other words without being detected. However, it is clear that the intention of these attacks was entirely disruptive.
While big companies in the US and all over the world are unable to protect not only themselves but also their users, protecting your personal data and information is in your own hands. We offer a remarkable encryption method, one of the strongest, and many other top-notch features, such as double data encryption, a kill switch technique, Tor over VPN and a strict no-log policy, that let you stay safe and secure by protecting your privacy online from virtually anyone.