Yet it is exactly the kind of behavior we have come to expect from a regime that threatened to take 'merciless countermeasures' against the U.S. The first public report concerning a North Korean link to the attack was published by Re/code on November 28 and later confirmed by NBC News. Sony quickly organized internal teams to try to manage the loss of data to the Internet, and contacted the FBI and the private security firm FireEye to help protect Sony employees whose personal data was exposed by the hack, repair the damaged computer infrastructure and trace the source of the leak. In the days following this hack, the Guardians of Peace began leaking yet-unreleased films and started to release portions of the confidential data to attract the attention of social media sites, although they did not specify what they wanted in return. that evening, although no apparent threat was made when that deadline passed. In addition to the activation of the malware on November 24, the message included a warning for Sony to decide on their course of action by 11:00 p.m.
This email message had been mostly ignored by executives, lost in the volume they had received or treated as spam email.
This followed a message that several Sony Pictures executives had received via email on the previous Friday, November 21 the message, coming from a group called "God'sApstls", demanded "monetary compensation" or otherwise, "Sony Pictures will be bombarded as a whole". Several Sony-related Twitter accounts were also taken over. Sony was made aware of the hack on Monday, November 24, 2014, as the malware previously installed rendered many Sony employees' computers inoperable by the software, with the warning by a group calling themselves the Guardians of Peace, along with a portion of the confidential data taken during the hack. The components clearly suggest an intent to gain repeated entry, extract information, and be destructive, as well as remove evidence of the attack. Components of the attack included a listening implant, backdoor, proxy tool, destructive hard drive tool, and destructive target cleaning tool. Although Sony was not specifically mentioned in its advisory, US-CERT said that attackers used a Server Message Block (SMB) Worm Tool to conduct attacks against a major entertainment company. The hackers involved claim to have taken more than 100 terabytes of data from Sony, but that claim has never been confirmed. A purported member of the Guardians of Peace (GOP) who has claimed to have performed the hack stated that they had access for at least a year prior to its discovery in November 2014, according to Wired. investigators say the culprits spent at least two months copying critical files. The exact duration of the hack is yet unknown.
0 kommentar(er)
