Light Dark
December 2, 2014 By Shane Schick 2 min read

The first wave of the Sony Pictures hack sounded bad enough, with employees reportedly sent home from work and major systems rendered inaccessible. Now, several online reports suggest the company has been the victim of highly sophisticated malware and a major data theft.

It was reported last week that desktops at the entertainment giant’s offices were covered with an image of a red skeleton and a message from the so-called “Guardians of Peace.” The group said it had stolen data files from the company and was making threats about releasing them unless certain unspecified demands were met.

According to CNBC, the Sony Pictures hack may be getting even worse. Several of the studio’s films, including “Annie” and “Fury,” have been released online without authorization, sparking a wave of online piracy before some of the movies have even hit theaters for the all-important holiday season.

Meanwhile, the FBI has sent out an advisory to businesses about malware that may be linked to the Sony Pictures hack, ZDNet said, although neither authorities nor the company have confirmed it. The FBI document is described as a detailed analysis that suggests the malware can compromise hardware and entire networks with apparent ease.

Sony is by no means taking this attack lying down. According to Reuters, FireEye’s Mandiant unit is conducting a forensic analysis and cleaning up affected systems. Target, which was subject to a major data theft earlier this year, is among Mandiant’s other clients.

When cyberattacks take place, the fallout can include sensitive customer information entering the public domain and financial losses. In this case, there may also be damage to the firm’s corporate reputation. For example, The Daily Mail in the United Kingdom parsed some of the documents that were leaked online to show that its highest-paid executives are almost all white men.

In the long run, however, this could be just the tip of the iceberg. Budget information, passwords and other files are among the 11,000 gigabytes lost in the Sony Pictures hack, Network World said. Even personal IDs, such as passports of A-list celebrities, may be at risk.

For the moment, the company may be focused on simply getting its operations back to normal. The Verge said email systems were still offline in the wake of the attack, while media accounts for some of its films were continuing to be abused over the Thanksgiving weekend, according to the Washington Post.

 |  |  |  |  | 
Shane Schick
Writer & Editor

More from

November 15, 2024

Cybersecurity dominates concerns among the C-suite, small businesses and the nation

4 min read - Once relegated to the fringes of business operations, cybersecurity has evolved into a front-and-center concern for organizations worldwide. What was once considered a technical issue managed by IT departments has become a boardroom topic of utmost importance. With the rise of sophisticated cyberattacks, the growing use of generative AI by threat actors and massive data breach costs, it is no longer a question of whether cybersecurity matters but how deeply it affects every facet of modern operations.The 2024 Allianz Risk…

November 14, 2024

Autonomous security for cloud in AWS: Harnessing the power of AI for a secure future

3 min read - As the digital world evolves, businesses increasingly rely on cloud solutions to store data, run operations and manage applications. However, with this growth comes the challenge of ensuring that cloud environments remain secure and compliant with ever-changing regulations. This is where the idea of autonomous security for cloud (ASC) comes into play.Security and compliance aren't just technical buzzwords; they are crucial for businesses of all sizes. With data breaches and cyber threats on the rise, having systems that ensure your…

November 13, 2024

Adversarial advantage: Using nation-state threat analysis to strengthen U.S. cybersecurity

4 min read - Nation-state adversaries are changing their approach, pivoting from data destruction to prioritizing stealth and espionage. According to the Microsoft 2023 Digital Defense Report, "nation-state attackers are increasing their investments and launching more sophisticated cyberattacks to evade detection and achieve strategic priorities."These actors pose a critical threat to United States infrastructure and protected data, and compromising either resource could put citizens at risk.Thankfully, there's an upside to these malicious efforts: information. By analyzing nation-state tactics, government agencies and private enterprises are…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature