Exclusive: FBI warns of ‘destructive’ malware in wake of Sony attack

admin   •   December 2, 2014   •   2244

The word ‘password’ on a computer screen is magnified with a magnifying glass in this picture illustration taken in Berlin May 21, 2013. CREDIT: REUTERS/PAWEL KOPCZYNSKI

(Reuters) – The Federal Bureau of Investigation warned U.S. businesses that hackers have used malicious software to launch a destructive cyberattack in the United States, following a devastating breach last week at Sony Pictures Entertainment.

Cybersecurity experts said the malicious software described in the alert appeared to describe the one that affected Sony, which would mark first major destructive cyber attack waged against a company on U.S. soil. Such attacks have been launched in Asia and the Middle East, but none have been reported in the United States. The FBI report did not say how many companies had been victims of destructive attacks.

“I believe the coordinated cyberattack with destructive payloads against a corporation in the U.S. represents a watershed event,” said Tom Kellermann, chief cybersecurity officer with security software maker Trend Micro Inc. “Geopolitics now serve as harbingers for destructive cyberattacks.”

The five-page, confidential “flash” FBI warning issued to businesses late on Monday provided some technical details about the malicious software used in the attack. It provided advice on how to respond to the malware and asked businesses to contact the FBI if they identified similar malware.

The report said the malware overrides all data on hard drives of computers, including the master boot record, which prevents them from booting up.

“The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods,” the report said.

The document was sent to security staff at some U.S. companies in an email that asked them not to share the information.

The FBI released the document in the wake of last Monday’s unprecedented attack on Sony Pictures Entertainment, which brought corporate email down for a week and crippled other systems as the company prepares to release several highly anticipated films during the crucial holiday film season.

A Sony spokeswoman said the company had “restored a number of important services” and was “working closely with law enforcement officials to investigate the matter.”

She declined to comment on the FBI warning.

The FBI said it is investigating the attack with help from the Department of Homeland Security. Sony has hired FireEye Inc’s (FEYE.O) Mandiant incident response team to help clean up after the attack, a move that experts say indicates the severity of the breach.

While the FBI report did not name the victim of the destructive attack in its bulletin, two cybersecurity experts who reviewed the document said it was clearly referring to the breach at the California-based unit of Sony Corp (6758.T).

“This correlates with information about that many of us in the security industry have been tracking,” said one of the people who reviewed the document. “It looks exactly like information from the Sony attack.”

FBI spokesman Joshua Campbell declined comment when asked if the software had been used against the California-based unit of Sony Corp, although he confirmed that the agency had issued the confidential “flash” warning, which Reuters independently obtained.

“The FBI routinely advises private industry of various cyber threat indicators observed during the course of our investigations,” he said. “This data is provided in order to help systems administrators guard against the actions of persistent cyber criminals.”

The FBI typically does not identify victims of attacks in those reports.

Hackers used malware similar to that described in the FBI report to launch attacks on businesses in highly destructive attacks in South Korea and the Middle East, including one against oil producer Saudi Aramco that knocked out some 30,000 computers. Those attacks are widely believed to have been launched by hackers working on behalf of the governments of North Korea and Iran.

Security experts said that repairing the computers requires technicians to manually either replace the hard drives on each computer, or re-image them, a time-consuming and expensive process.

Monday’s FBI report said the attackers were “unknown.”

Yet the technology news site Re/code reported that Sony was investigating to determine whether hackers working on behalf of North Korea were responsible for the attack as retribution for the company’s backing of the film “The Interview.”

The movie, which is due to be released in the United States and Canada on Dec. 25, is a comedy about two journalists recruited by the CIA to assassinate North Korean leader Kim Jong Un. The Pyongyang government denounced the film as “undisguised sponsoring of terrorism, as well as an act of war” in a letter to U.N. Secretary-General Ban Ki-moon in June.

The technical section of the FBI report said some of the software used by the hackers had been compiled in Korean, but it did not discuss any possible connection to North Korea.

(Reporting by Jim Finkle. Additional reporting by Lisa Richwine; Editing by Ken Wills)

Zoom video conferencing app addresses privacy issues amid FBI scrutiny

Aileen Cerrudo   •   April 3, 2020

The video conferencing app, Zoom, has announced they are already addressing the privacy and security issues raised by the Federal Bureau of Investigation (FBI) due to ‘Zoombombing’ reports.

In a statement, Zoom Founder and CEO Eric Yuan said the company acknowledges the reports of users regarding privacy issues, saying these reports would help make the company better for its customers.

“Dedicated journalists and security researchers have also helped to identify pre-existing ones. We appreciate the scrutiny and questions we have been getting – about how the service works, about our infrastructure and capacity, and about our privacy and security policies,” he said.

The FBI said they received several reports in the United States that there has been an incident of ‘Zoombombing’ or video conferences being disrupted by pornographic and/or hate images and threatening language.

Yuan said they already began implementing changes to address their privacy issues. These include training sessions, adding protective features and updating their privacy policy.

“Our chief concern, now and always, is making users happy and ensuring that the safety, privacy, and security of our platform is worthy of the trust you all have put in us,” Yuan said. AAC

Trump urges U.S. to halt most social activity in virus fight, warns of recession

UNTV News   •   March 17, 2020

President Donald Trump urged Americans on Monday (March 16) to halt most social activities for 15 days and not congregate in groups larger than 10 people in a newly aggressive effort to reduce the spread of the coronavirus in the United States.

Announcing new guidelines from his coronavirus task force, the president said people should avoid discretionary travel and not go to bars, restaurants, food courts or gyms.

As stocks tumbled, Trump warned that a recession was possible, a development that could affect his chances of re-election in November. The Republican president said he was focused on addressing the health crisis and that the economy would get better once that was in line.

The task force implored young people to follow the new guidelines even though they were at lesser risk of suffering if they contract the virus. Older people, especially those with underlying health problems, are at the greatest risk if they develop the respiratory disease.

Reporters staggered their seating, sitting in every other seat in the White House briefing room, to follow social distancing measures.

Trump said the worst of the virus could be over by July, August or later. He called it an invisible enemy.

The president has taken criticism for playing down the seriousness of the virus in the early days of its U.S. spread. On Monday, when asked, he gave himself a good grade for his response.

“I’d rate it a 10. I think we’ve done a great job,” he said.

Trump said a nationwide curfew was not under consideration at this point.

Normally a cheerleader for the U.S. economy, he acknowledged the possibility of a recession while brushing off another dramatic decline on stock markets as investors worried about the virus.

“We’re not thinking in terms of recession, we’re thinking in terms of the virus. Once we stop, I think there’s a tremendous pent up demand, both in terms of the stock market and in terms of the economy,” Trump said. The president has long considered soaring stock markets to be a sign of his administration’s success.

Trump said the administration had talked regularly about domestic travel restrictions but hoped not to have to put such measures in place.

He said he thought it would still be possible for G7 leaders to meet at the Camp David retreat in Maryland in June. Trump upset European countries, which make up a large part of the G7, by instituting travel restrictions from European countries without consulting with them first. (Reuters)

(Production: Katharine Jackson)

Streets deserted in Milan during coronavirus lockdown

UNTV News   •   March 11, 2020

A handful of people were seen on the streets of Milan on Wednesday morning (March 12) following stringent measures imposed to contain the coronavirus.

Shops and restaurants closed, hundreds of flights were cancelled and streets emptied across Italy on Tuesday (March 10), the first day of an unprecedented, nationwide lockdown imposed to slow Europe’s worst outbreak of coronavirus.

Just hours after the dramatic new restrictions came into force, health authorities announced the death toll had jumped by 168 to 631, the largest rise in absolute numbers since the contagion came to light on Feb. 21.

The total number of confirmed cases rose at a much slower rate than recently seen, hitting 10,149 against a previous 9,172, but officials warned that the region at the epicentre, Lombardy, had provided incomplete data.

The government has told all Italians to stay at home and avoid non-essential travel until April 3, radically widening steps already taken in much of the wealthy north, which is the epicentre of the spreading contagion. (Reuters)

(Production: Marissa Davison)

REACH US

The Philippine Broadcast Hub

UNTV, 915 Barangay Philam,

EDSA, Quezon City M.M. 1104

(+632) 8396-8688 (Tel)

info@untv-newsandrescue.com (General inquiries)

ABOUT UNTV

UNTV is a major TV broadcast network with 24-hour programming. An Ultra High Frequency station with strong brand content that appeal to everyone, UNTV is one of the most trusted and successful Philippine networks that guarantees wholesome and quality viewing experience.