Sony Pictures, les nord-coréens, les russes : l’attribution quand on ne sait pas. Cybersecurity: Defending 'unpreventable' cyber attacks. 2 February 2015Last updated at 19:02 ET By Paul Rubens Technology reporter Some cybercriminals will always be able to get into your network, warns cybersecurity expert James Lewis Businesses should stop worrying about preventing intruders getting into their computer networks, and concentrate instead on minimising the damage they cause when they do.
That's the view of James Lewis, a cybersecurity expert at the Washington DC-based Center for Strategic and International Studies (CSIS). Mr Lewis says that no company can prevent an attack launched by hackers who have the resources of a nation-state behind them from succeeding. White House seeks cyber bounce from Sony hack concerns - POLITICO. The White House is preparing a policy package of executive actions and proposed legislation to promote cyberthreat information sharing — taking advantage of public worries following the Sony hack, multiple sources familiar with the planning tell POLITICO.
The effort is part of a broader White House policy initiative on cybersecurity, identity security and privacy that will begin next week in the lead-up to the State of the Union Address Jan 20. Story Continued Below On Saturday, the administration announced a four-day swing next week by President Barack Obama to roll out several proposals and executive actions on those cybersecurity issues, and on affordable broadband access, as a second week of a nationwide road show by the president on the economy and national infrastructure. Monday, he will visit the FTC in Washington announcing the next steps in his BuySecure Initiative.
(POLITICO's State of the Union 2015 coverage) Feedback Friday: Is North Korea Behind the Sony Hack? In late November, Sony Pictures Entertainment was hacked by a group calling itself Guardians of the Peace (GOP).
What initially appeared to be another hacktivist attack, later turned out to be a sophisticated operation possibly orchestrated by a state actor. The hackers’ activities came to light on November 24, when the computers of Sony employees started displaying an image of a skull accompanied by a warning message. In the following days, the hackers started leaking large amounts of information stolen from the entertainment giant’s networks. The leaked data included unreleased movies, private emails, the personal details of actors, financial and business information, and employee records (including medical information). Commentaires : Piratage de Sony Pictures : " Un tournant dans l'histoire de la cybersécurité " selon le général Watin-Angouard.
Commentaires : FBI’s Sony Attribution: Doubts Continue. Security Experts Question Scant North Korean Evidence in Hack By Mathew J.
Schwartz, January 8, 2015. FBI Director James Comey's Jan. 7 remarks defending the bureau's attribution of the hack attack against Sony Pictures Entertainment to "North Korea actors" haven't silenced many information security experts, who say they remain unconvinced there's enough evidence to attribute the attack to anyone (see FBI Defends Sony Hack Attribution). See Also: Mobile Deposits & Fraud: Managing the Risk Comey said he has "very high confidence about this attribution to North Korea, as does the entire intelligence community. " Comey offered an additional piece of evidence to substantiate the FBI's attribution, revealing that attackers several times "got sloppy" - by failing to hide behind a proxy server - and thus inadvertently revealed their real IP address, which the FBI found corresponded with addresses used "exclusively" by North Korean-backed hackers in the past. FBI briefed on alternate Sony hack theory - Tal Kopan - POLITICO.
FBI agents investigating the Sony Pictures hack were briefed Monday by a security firm that says its research points to laid-off Sony staff, not North Korea, as the perpetrator — another example of the continuing whodunit blame game around the devastating attack.
Even the unprecedented decision to release details of an ongoing FBI investigation and President Barack Obama publicly blaming the hermit authoritarian regime hasn’t quieted a chorus of well-qualified skeptics who say the evidence just doesn’t add up. Story Continued Below Researchers from the cyber intelligence company Norse have said their own investigation into the data on the Sony attack doesn’t point to North Korea at all and instead indicates some combination of a disgruntled employee and hackers for piracy groups is at fault. The FBI says it is standing by its conclusions, but the security community says they’ve been open and receptive to help from the private sector throughout the Sony investigation.
Cybersecurity Firm Identifies Six In Sony Hack — One A Former Company Insider. Cybersecurity Firm Identifies Six In Sony Hack — One A Former Company Insider Norse, the cybersecurity firm that first identified a potential insider in the massive November hack of Sony Pictures, believes it’s uncovered evidence on six individuals primarily involved in the attack, including one former Sony employee with ”extensive knowledge of the company’s network and operations.”
Senior vice president at Norse Kurt Stammberger told the Security Ledger late Sunday the company has identified six people “with direct involvement in the hack,” two of whom are based in the U.S. along with one in Canada, Singapore and Thailand. The list also includes a former decade-long Sony veteran who “worked in a technical role” and was laid off in May. The FBI has attributed all of the above to North Korea due to the film’s plot, which centers around an attempt to assassinate North Korean dictator Kim Jong-un.
UNCONVINCING CLAIMS Experts skeptical N. Korea source of Sony hack. It’s been a week given a U.S. supervision blamed North Korea for a cyber-attack opposite Sony Pictures Entertainment — and many confidence experts still aren’t assured Kim Jong-un is a culprit.
The FBI’s announcement, rather than settling a debate, has usually fueled widespread conjecture over a source of a attack. Skeptics explain a justification a FBI cited is groundless and inconclusive. L'attaque de Sony Pictures illustre le nouvel âge de la cyberguerre. Pyongyang accuse Washington après la coupure d'internet. Le Lizard Squad? Une ancienne employée? La Russie? L'enquête sur Sony vire au Cluedo géant. Sony hack: Is Congress next? Government agencies and congressional offices are vulnerable to the same kind of cyberattack that hit Sony Pictures, experts say.
Lawmakers on Capitol Hill are well aware of the growing threat online, and many tell staff to act as if everything they write in email could one day become public. “I try to inspire my staff often that when they write an email, they write it as if it should be right on the front page of your newspaper,” said Rep. Brad Sherman (D-Calif.), whose district includes Hollywood, in an interview with The Hill. The assault on Sony exposed humiliating internal conversations, unveiled secretive plans and caused the studio to temporarily press pause on a multi-million dollar motion picture. Investigators: hackers stole Sony passwords. Your video will begin momentarily.
U.S. government officials are preparing to name North Korea as the culprit behind the Sony hackThe Obama administration is holding high-level meetings to discuss the matter Washington (CNN) -- U.S. investigators have evidence that hackers stole the computer credentials of a system administrator to get access to Sony's computer system, allowing them broad access, U.S. officials briefed on the investigation tell CNN. The finding is one reason why U.S. investigators do not believe the attack on Sony was aided by someone on the inside, the officials tell CNN. Piratage de Sony Pictures: La piste d'un ex-employé relancée par un expert. TECHNOLOGIE Le FBI, qui accuse la Corée du Nord, n'a pas convaincu tout le monde...
Piratage de Sony: les États-Unis répondront de façon proportionnelle - Amériques. Alert (TA14-353A) Targeted Destructive Malware. The US-CERT released on December 19 the Alert (TA14-353A) Targeted Destructive Malware. The alert was updated on December 20. Systems Affected Microsoft Windows Overview. Film censuré: ce que l'on sait du piratage de Sony. Cinq clés pour comprendre le piratage de Sony.
Indicators of Compromise for Malware Used by Sony Hackers. Just hours after the FBI and President Obama called out North Korea as being responsible for the destructive cyber attack against Sony Pictures, US-CERT issued an alert, describing the primary malware used by the attackers, along with indicators of compromise. While not mentioning Sony by name in its advisory, instead referring to the victim as a “major entertainment company,” US-CERT said that the attackers used a Server Message Block (SMB) Worm Tool to conduct the attacks.
According to the advisory, the SMB Worm Tool is equipped with five componments, including a Listening Implant, Lightweight Backdoor, Proxy Tool, Destructive Hard Drive Tool, and Destructive Target Cleaning Tool. The advisory also provides a summary of the C2 IP addresses, Snort signatures for the various components, host based Indicators, potential YARA signatures to detect malware binaries on host machines, and recommended security practices and tactical mitigations. Obama Warns North Korea Over Sony Hack: 'We Will Respond' US President Barack Obama on Friday warned North Korea it would face retaliation for a crippling cyber attack on Sony Pictures over an irreverent film comedy that infuriated Pyongyang. Obama said the movie giant had "made a mistake" in canceling the Christmas Day release of "The Interview," a madcap romp about a CIA plot to kill North Korean leader Kim Jong-Un.
Sony defended its decision, made after anonymous hackers invoked the 9/11 attacks in threatening cinemas screening the film, prompting theater chains to say they would not risk showing it. An envoy for Pyongyang denied the secretive state was behind the hacking, which led to the release of a trove of embarrassing emails, scripts and other internal communications, including information about salaries and employee health records. Addressing reporters after the FBI said Pyongyang was to blame, Obama said Washington would never bow to "some dictator. " "We will respond. Welcome to Forbes. Sony Breach May Have Exposed Employee Healthcare, Salary Data. The recent hacker break-in at Sony Pictures Entertainment appears to have involved the theft of far more than unreleased motion pictures: According to multiple sources, the intruders also stole more than 25 gigabytes of sensitive data on tens of thousands of Sony employees, including Social Security numbers, medical and salary information.
Screen shot from an internal audit report allegedly stolen from Sony and circulating on file-trading networks. Several files being traded on torrent networks seen by this author include an global Sony employee list, a Microsoft Excel file that includes the name, location, employee ID, network username, base salary and date of birth for more than 6,800 individuals. Sony officials could not be immediately reached for comment; a press hotline for the company rang for several minutes without answer, and email requests to the company went unanswered.
Pyongyang mise sur la cyber-guerre pour combler son retard. L'attaque de Sony Pictures illustre le nouvel âge de la cyberguerre. Affaire Sony : le FBI désigne formellement la Corée du Nord comme responsable, Médias. Médias. Pyongyang miserait sur la cyber-guerre. Piratage de Sony : vers une cyberguerre mondiale ? Les responsables du piratage de Sony sont des cyberterroristes. C'est la première fois que nous assistons à une cyberattaque d'une telle ampleur, et c'est pourquoi elle est si terrifiante. Dans une succession de cyberattaques, détectées pour la première fois le 24 novembre, un mystérieux groupe se faisant appeler les «Gardiens de la paix» a volé puis divulgué les informations personnelles et médicales de tous les employés de Sony Pictures, révélé une somme de documents internes et confidentiels, laissé l'entreprise dans un état de paralysie technologique et fait état de vagues revendications voulant que «[sa] demande soit satisfaite».
Une «demande» qui semble de plus en plus se focaliser sur le film The Interview, une comédie de James Franco et Seth Rogen dans laquelle le leader nord-coréen Kim Jong-un se fait assassiner. L'ampleur des destructions est impressionnante. La Maison Blanche face au piratage de Sony Pictures. Un million de PlayStation 4 vendues en France. «Je suis dévasté», le PDG de Snapchat réagit au vol de documents. Le piratage de Sony, "une grave affaire de sécurité nationale" Piratage de Sony: La Corée du nord, un coupable un peu trop parfait. Ce qu'il faut savoir sur le piratage géant de Sony Pictures. Piratage de Sony: Les hackers du bureau 121 de la Corée du Nord soupçonnés. Baladeurs, télés, mobiles, piratages : la lente descente aux enfers de Sony.
Sony Pictures cède aux menaces et annule toute sortie du film "L'Interview qui tue !" Film censuré: ce que l'on sait du piratage de Sony. Par peur des représailles, Sony annule la sortie de "The Interview" Sony cède aux pirates et annule la sortie du film «The Interview»