TweakTown NewsRefine News by Category:
Sony Pictures is facing a public relations nightmare after a major data breach orchestrated by North Korea, and company executives just can't stop the bleeding. The data breach could become the costliest suffered by a U.S. company, with fallout that will surely continue into 2015. Beyond the sensitive documents and personal information stolen, along with the cancellation of "The Interview," there is a strong possibility some actors will avoid Sony in the future.
It remains unclear how much Sony will lose because of the cyberattack, but lawsuits, lost revenue because of "The Interview" being pulled, and other problems will only complicate matters even further.
"This attack went to the heart and core of Sony's business and succeeded," said Avivah Litan, Gartner cybersecurity analyst. "We haven't seen any attack like this in the annals of U.S. breach history."
North Korea could be using the cyberattack against Sony Pictures as a test run to try out its budding cyber capabilities, with the reclusive government potentially taking aim at US energy companies and critical infrastructure. Despite much of the Western world ignoring its growing cyber ambitions, it looks like North Korea has been able to increase its cyber weapons.
"North Korea's ultimate goal in cyber strategy is to be able to attack national infrastructure of South Korea and the United States," said Kim Heung-kwang, a North Korean defector and former computer science professor. "The hacking of Sony Pictures is similar to previous attacks that were blamed on North Korea and is a result of training and efforts made with the goal of destroying infrastructure."
The North Korean government has poured resources into its Bureau 121 cyber warfare unit, recruiting some of the nation's best computer experts - with most of the department's agents originating from the North Korean military computer school. It has successfully attacked targets in South Korea on several occasions, as some networks remain vulnerable to attack.
The U.N. General Assembly wants better digital privacy protections for Internet users, which was drafted by Germany and Brazil, earning consensus approval. Former NSA contractor Edward Snowden revealed mass surveillance capabilities by the NSA and GCHQ, which has angered a large number of Internet users.
The UN resolution, which was co-sponsored by 65 nations - as opposed to just 10 in 2013 - will also rely on private sector companies to play a role.
Previously, the UN showed great concern over Internet users' rights to digital privacy, with great concern of covert surveillance programs. "Without the necessary checks, we risk turning into Orwellian states, where every step of every citizen is being monitored and recorded in order to prevent any conceivable crime," said Harald Braun, German ambassador.
Internet users are fighting for their privacy while browsing the Internet, but trying to see what the future holds has proven difficult. As noted by former NSA contractor Edward Snowden, Web users found they are under constant surveillance by governments and hacker groups. It turns out 55 percent of experts believe there would not be a "secure, popularly accepted and trusted privacy-rights infrastructure by 2025," according to a survey hosted by the Pew Internet Project and Elon University's Imagining the Internet Center.
Regardless of what Internet users and privacy experts say about the current state of the Internet right now, it will remain a major talking point for years to come.
"By 2025, there will be an international consensus among Internet organizations on how best to balance personal privacy and security with popular content and services," according to an unnamed specialist working on technical and policy coordination, published by Pew. "The patchwork approach of national privacy protections will be harmonized globally in 2025, and the primary of security concerns will be more balanced by such an international consensus."
ICANN employees have fallen victim to a suspected spear phishing cyberattack that began in late November 2014, the group confirmed in a blog post. The social engineering attack mimicked emails that closely resembled communications from its own domain and targeted ICANN employees. Unfortunately, the attack was successful and several ICANN staff members had their credentials compromised.
The compromised credentials were used to access ICANN's Centralized Zone Data System, providing criminals with access to names, postal addresses, email addresses, fax and phone numbers, usernames and passwords. The breach also hits the ICANN GAC Wiki, with only public information accessible to the cybercriminals.
Earlier in the year, ICANN boosted its cybersecurity, which the group said likely helped keep unauthorized access to a minimum from this attack.
Sony has decided to withdraw "The Interview," due to terrorism threats from the Guardians of Peace hacker group - and Steve Carell's "Pyongyang" movie has been scrapped. The so-called "paranoid thriller" movie was written by Steve Conrad and originates from the "Pyongyang" graphic novel created by Guy Delisle.
Not surprisingly, Carell wasn't overly amused with news Sony canned "The Interview" and his movie also was caught in the crossfire, tweeting the following message: "Sad day for creative expression. #feareatsthesoul"
The US government is set to officially blame North Korea for SPE's recent cyberattack, which has caused great harm to Sony - as employee personal information, medical data, and email conversations have been leaked online.
Chinese mobile manufacturer Coolpad is building backdoors into high-end Google Android-powered smartphones, according to Palo Alto Networks' Unit 42. The "CoolReaper" backdoor has been found on a variety of ROMs that were downloaded by security researchers. Coolpad is the No. 6 largest smartphone manufacture in the world, No. 3 inside of China, so this is an extremely troubling development.
CoolReaper is able to download, install, or activate Android applications without needing owner consent or notification. It can also clear user data, uninstall applications, and disable system applications. Researchers also found that it can dial arbitrary phone numbers and send SMS or MMS messages from the phone.
"CoolReaper is the first malware we have seen that was built and operated by an Android manufacturer," according to the Palo Alto Networks' Unit 42 blog. "The changes Coolpad made to the Android OS to hide the backdoor from users and anti-virus programs are unique and should make people think twice about the integrity of their mobile devices."
There is concern that the cybercriminals responsible for compromising Sony Pictures Entertainment, and then leaking stolen information, cannot face justice if being protected by North Korea, according to US officials. If North Korea sponsored the attack, likely recruiting hackers outside of the country to lend a hand, it would be difficult for them to face justice in the United States, according to an unnamed U.S. official.
Trying to accurately identify and detain hackers has been difficult for the United States and other western nations - as extradition for cybercrimes only happens in extreme cases. Even if the FBI and cybersecurity companies identify those responsible, they should be able to hide and remain safe.
"The Interview" will still launch on Christmas Day next week, but it's unknown how many theaters will actually show the movie following threats against theaters. Expect the Guardians of Peace to release more data stolen from Sony, as they were reportedly able to steal 100 terabytes of information from Sony's networks.
The hacker group reportedly behind a major cyberattack against Sony Pictures Entertainment is getting what they want - as Sony tells theaters they don't need to show "The Interview" due to terror threats. The movie is scheduled for release on Christmas, Dec. 25, and it would appear some theaters have already said they won't show the controversial film.
Movie theaters that decide to still show the film plan to use additional security - even if there has been no credible evidence a plot is in place - with AMC, Cinemark, Regal and Carmike all suffering a drop in stock values because of the threat.
"Somebody is playing mind games with [Sony]," said Richard Clarke, cybersecurity expert and former White House counter-terrorism lead, in a statement published by Good Morning America. "I think North Korea has little or no capability to do any physical attacks, commando activity, or terrorism in the U.S. By saying it's coming, however, they hope to keep people from the theaters and, thereby, hurt Sony's revenue."
The "Guardians of Peace" hacker group threatened attacks against movie theaters that will show "The Interview," but the US Department of Homeland Security (DHS) hasn't found any credible threats. Police in Los Angeles and New York City said they are taking extra precautions due to the GOP statement.
"We are still analyzing the credibility of these statements, but at this time there is no credible intelligence to indicate an active plot against movie theaters within the United States," according to a DHS official.
If nothing else, the hacker group is causing further financial damage to Sony - as some movie theaters already promised to pull the movie.