The perpetrators of the 2014 cyber attack on Sony photos
amusement were now not activists or disgruntled personnel, and in all
likelihood had attacked different goals in China, India, Japan and Taiwan, in
line with a coalition of protection groups that together investigated the Sony
case for more than a yr.
The coalition, prepared by security analytics employer
Novetta, concluded in a file launched on Wednesday that the hackers were
government-backed but it stopped brief of endorsing the reputable U.S. view
that North Korea turned into to blame.
The Obama management has tied the attack on Sony Corp's
(6758.T) movie studio to its launch of "The Interview," a comedy that
depicted the fictional assassination of North Korean chief Kim Jong Un.
Novetta said the breach "become now not the paintings
of insiders or hacktivists."
"That is very a good deal supportive of the idea that
that is countryside," Novetta leader executive Peter LaMontagne advised
Reuters. "This group was more lively, going farther lower back, and had
extra talents and attain than we thought."
Novetta worked with the most important U.S. protection
software seller Symantec Corp (SYMC.O), top Russian protection firm Kaspersky
Lab and as a minimum 10 other institutions on the investigation, an extraordinary
collaboration involving so many agencies.
They decided that the unidentified hackers were at paintings
considering at the least 2009, 5 years earlier than the Sony breach. The
hackers were able to attain lots of their dreams despite modest abilities due
to the inherent problem in setting up an inclusive cyber safety defense, the
Novetta institution stated.
LaMontagne stated the report turned into the primary to tie
the Sony hack to breaches at South Korean facilities consisting of a power
plant. The FBI and others had formerly stated the Sony attackers reused code
that were utilized in detrimental attacks on South Korean goals in 2013.
The Novetta group said the hackers had been likely
additionally answerable for denial-of-service attacks that disrupted U.S. and
South Korean websites on July 24, 2009. The group stated it found overlaps in
code, tactics and infrastructure between the attacks.
Symantec researcher Val Saengphaibul stated his enterprise
connected the hackers to attacks overdue final 12 months, suggesting the
exposure of the Sony breach and the risk of retaliation via the usa had not
silenced the group.
The coalition of protection groups disbursed technical
indicators to assist others decide in the event that they have been targeted through
the identical hackers, which Novetta dubbed the Lazarus institution.
No comments:
Post a Comment