lolloj - Fotolia

News Stay informed about the latest enterprise technology news and product updates.

FBI warning links wiper malware to Sony Pictures hack

A confidential FBI warning circulated to U.S. businesses warns of attacks that may utilize wiper malware like that used in the Sony Pictures cyberattack.

The Federal Bureau of Investigation has issued a warning to U.S. businesses regarding the potential for cyberattacks using data-wiping malware.                    

The five-page "flash" FBI warning, detailed in a Reuters report, is said to describe the same malware used in a recent attack against Sony Pictures Entertainment, which resulted in the leak of several unreleased motion pictures, as well as financial information, emails and casting details for movies still in production.

One of the leaked films, The Interview, is slated for a Dec. 25 release and features a plot to assassinate Kim Jong Un, the supreme leader of the Democratic People's Republic of Korea, leading to speculation that hackers from North Korea may have been responsible for the incident.

The FBI warning noted that the malware is capable of overriding all data on computers' hard drives, including the master boot record (MBR), which contains information on how a drive is portioned and the boot code needed to run an operating system. The agency asked the U.S. businesses that received the report to contact federal agents if they spot similar malware. It also provided advice on how to respond to such an attack if necessary.

"The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods," the report said.

Wiper malware has yet to be used to target businesses based in the U.S., though firms in the Middle East and Asia have been subjected to the destructive attacks. Attackers famously used the Shamoon malware to target Saudi Arabia-based oil firm Saudi Aramco in 2012, which crippled tens of thousands of systems at the company by destroying MBRs after stealing valuable data. Businesses and media outlets in South Korea suffered similar attacks in 2013, which Symantec attributed to the Whois hacker group.

Next Steps

The recently uncovered Regin malware was yet another example that attackers are growing more sophisticated by the day, but was it a true threat to enterprise security?

Dig Deeper on Malware, virus, Trojan and spyware protection and removal

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.