The breach at Sony Pictures is no longer just an IT issue

[InfoSec News <alerts () infosecnews org>]

http://www.csoonline.com/article/2854672/business-continuity/the-breach-at-sony-pictures-is-no-longer-just-an-it-issue.html

By Steve Ragan
Salted Hash
CSO
Dec 2, 2014

I'm going to make a prediction.

The breach at Sony Pictures has nothing to do with North Korea, aside form 
the fact that the destructive malware believed to be present on Sony's 
network is similar to the malware used in South Korea in 2013 - an 
incident that was blamed on North Korea.

Furthermore, I predict there will be an insider aspect to Sony's breach. 
The first part of the attack on Sony centered on compromising records, 
once done, the attackers planted malware that was timed - based on the FBI 
memo - to activate just before Thanksgiving. The easiest way to accomplish 
this task - assuming I'm right - is by having someone on the inside with 
just enough access that everything looks normal with a passive glance at 
the logs.

The second part of the attack on Sony is the aftermath, including the 
financial burden of dealing with box office losses, employee issues, as 
well as any fines that are sure to be levied. Sony's just starting to 
enter this phase.

On Monday, GOP (Guardians of Peace), the group claiming responsibility for 
the attack on Sony, pushed 25GBs worth of data to the public domain. They 
say this is only a fraction of the data they were able to compromise, 
suggesting to one media outlet that they were harvesting records for more 
than a year before making themselves known.

A year.

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/