Antivirus software powerless against Sony hackers

Status
Not open for further replies.

Dima007

Level 23
Thread author
Verified
Well-known
Apr 24, 2013
1,200
635534946703113460-Sony.jpg

SAN FRANCISCO — The malicious software that crippled Sony Pictures Entertainment and resulted in the release of gigabytes of sensitive information was not something that even state of the art antivirus software would have picked up.

"This incident appears to have been conducted using techniques that went undetected by industry standard antivirus software," the FBI said in a statement released Saturday.

In an e-mail to Sony staff obtained by USA TODAY, the security company analyzing the attack said "the malware was undetectable by industry standard antivirus software and was damaging and unique enough to cause the FBI to release a flash alert to warn other organizations of this critical threat."

Kevin Mandia, CEO of Mandiant, the security firm, went on to say in his e-mail, "this was an unparalleled and well planned crime, carried out by an organized group, for which neither SPE nor other companies could have been fully prepared."

The ongoing cyberattack against SPE began two weeks ago. Security experts say it could portend a new era in computer assaults — one of wanton destruction and the release of embarrassing and potentially devastating data to the world.

"This is a game-changer for us in the United States, this level of maliciousness is unprecedented. I've never seen it, ever," said Jim Penrose, a former National Security Agency computer security expert now with Darktrace, a British security firm.

Sony is just the latest, and perhaps the hardest hit, in a long list of major U.S. corporations assaulted by cybercriminals in the past year. They include Target, P.F. Chang's, The Home Depot, Goodwill, Dairy Queen, JPMorgan Chase and the U.S. Postal Service.

Despite corporations spending millions of dollars on network security and the rise of hundreds of computer security firms, the attackers keep getting through.

The cost to investigate, notify and respond to these attacks is devastating. The average cost to a breached company was $3.5 million in 2014, according to a study released this year by the Ponemon Institute, which conducts independent research on information security.

Companies then pass on those increased costs for computer security, notification and, in some cases, remediation to their customers, even if those consumers don't even realize they're being affected.

A staggering 43% of companies worldwide have reported being breached in the past year, according to the Ponemon Institute. In addition, people whose credit cards or identities are compromised must also deal with replacement hassles and possible identity theft.

Read more: http://www.usatoday.com/story/tech/2014/12/06/sony-attack-new-era-nuclear-option/19963063/
 
  • Like
Reactions: tonibalas

Solarquest

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 22, 2014
2,525
Why was it undetectable or what made it so undetectable? How could it pass IDS, Firewalls and the behavioral detection of all AVs?
The user didn't get any alerts at all?
 
  • Like
Reactions: jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Obvious signatures that wasn't matched from a polymorphic viruses can be undetected but components of HIPS and BB that deals user interactions with proper supervision then it will prevent to be catastrophic.
 

jogs

Level 22
Verified
Top Poster
Well-known
Nov 19, 2012
1,112
The Internet can never be 100% safe, whatever tools you may use to secure yourself there will be one that will bypass it. The game never ends.
 

Raul90

Level 14
Feb 5, 2012
658
People to tend to be complacent as they go on their daily jobs as a "routine". That is the one thing that needs to be addressed there. Tech experts especially those that are in the front lines of need to be a step above the hackers because like terrorism they are very persistent. The thing is that catching the bad guys aren't enough but securing your network effectively is key here.


A security system Target recently bought from Dave DeWalt's company, did detect the intrusion, and triggered alarms. But Target's older security systems were still in place, generating millions of alerts similar to these. Most were for minor technical glitches and the warnings from FireEye were lost in the noise....

...from 60 Minutes : What happens when you swipe your card?
http://www.cbsnews.com/news/swiping-your-credit-card-and-hacking-and-cybercrime/

This is a neverending game of cat and mouse but it's the entry points that need be secured properly. The tell tale signs of breaches may be obscure but that's what security is all about and everybody needs not to be complacent.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top