Summary: The 2014 North Korean cyberattack on Sony Pictures shocked the earth into realizing that a North Korean cyber threat really existed. Prior to 2014, what piffling information existed on North Korea’s cyber capabilities was largely dismissed, citing pitiful domestic atmospheric condition every bit rationale for cyber ineptitude. However, the impressive nature of the Sony gear upward on was instrumental inward changing global agreement of Kim Jong-un in addition to his regime’s daring nature. Text: On Nov 24, 2014 Sony employees discovered a massive cyber breach after an prototype of a ruby skull appeared on estimator screens company-wide, displaying a alert that threatened to let on the company’s secrets. That same day, to a greater extent than than 7,000 employees turned on their computers to detect gruesome images of the severed caput of Sony’s principal executive, Michael Lynton[1]. These discoveries forced the society to near downwardly all estimator systems, including those inward international offices, until the incident was farther investigated. What was get-go deemed zilch to a greater extent than than a nuisance was after revealed every bit a breach of international proportions. Since this incident, the earth has noted the increasing prevalence of large-scale digital attacks in addition to the dangers they pose to both private in addition to world sector entities.
According to the U.S. Computer Emergency Readiness Team, the primary malware used inward this illustration was a Server Message Block (SMB) Worm Tool, otherwise known every bit SVCH0ST.EXE. An SMB worm is unremarkably equipped amongst 5 components: a listening implant, lightweight backdoor, proxy tool, destructive hard movement tool, in addition to a destructive target cleaning tool[2]. The worm spreads throughout the infected network via a trial-and-error method used to obtain information such every bit a user password or personal identification pose out known every bit a animate existence forcefulness authentication attack. The worm thence connects to the command-and-control infrastructure where it is thence able to start out its damage, unremarkably copying software that is intended to impairment or disable computers in addition to estimator systems, known every bit malware, across to the victim scheme or administrator scheme via the network sharing process. Once these tasks are complete, the worm executes the malware using remotely scheduled tasks[3].
This type of malware is highly destructive. If an scheme is infected, it is probable to sense massive impacts on daily operations, including the loss of intellectual belongings in addition to the disruption of critical internal systems[4]. In Sony’s case, on an private level, hackers obtained in addition to leaked personal in addition to somewhat embarrassing information virtually or said past times Sony personnel to the full general public, inward add-on to information from private Sony emails that was sensitive or controversial. On the society level, hackers stole various information ranging from contracts, salary lists, budget information, in addition to painting demo plans, including 5 entire yet-to-be released movies. Moreover, Sony internal information centers had been wiped build clean in addition to 75 per centum of the servers had been destroyed[5].
This hack was attributed to the unloosen of Sony’s movie, The Interview—a comedy depicting U.S. journalists’ conception to assassinate North Korean leader Kim Jong-un. H5N1 grouping of hackers who self-identified past times the elevate “Guardians of Peace” (GOP) initially took responsibleness for the attack; however, attribution remained unsettled, every bit experts had a hard fourth dimension determining the connections in addition to sponsorship of the “GOP” hacker group. Former Federal Bureau of Investigation (FBI) Director James Comey inward Dec 2014 announced that U.S. authorities believed that the North Korean regime was behind the attack, alluding to the fact that the Sony hackers failed to usage proxy servers that masked the rootage of their attack, revealing Internet Protocol or IP addresses that the FBI knew to last solely used past times North Korea[6].
Aside from Director Comey’s statements, other bear witness exists that suggests North Korea’s involvement. For instance, the type of malware deployed against Sony utilized methods similar to malware that North Korean actors had previously developed in addition to used. Similarly, the computer-wiping software used against Sony was also used inward a 2013 gear upward on against South Korean banks in addition to media outlets. However, most damning of all was the regain that the malware was built on computers gear upward to the Korean language[7].
As for a motivation, experts debate that the hack was executed past times the North Korean authorities inward an elbow grease to save the prototype of Kim Jong-un, every bit protecting their leader’s prototype is a principal political objective inward North Korea’s cyber program. Sony’s The Interview infantilized Kim Jong-un in addition to disparaged his leadership skills, portraying him every bit an inept, ruthless, in addition to selfish leader, piece poking fun at him past times depicting him singing Katy Perry’s “Firework” vocal piece shooting off missiles. Kim Jong-un himself has declared that “Cyberwarfare, along amongst nuclear weapons in addition to missiles, is an ‘all-purpose sword[8],’” thence it is non surprising that he would usage it to protect his ain reputation.
The biggest takeaway from the Sony breach is arguably the U.S. government’s alter inward mental attitude towards North Korean cyber capabilities. In recent years leading upward to the attack, U.S. analysts were quick to move North Korea’s cyber-potential, citing its isolationist tactics, struggling economy, in addition to lack of modernization every bit rationale for this judgement. However, next this large-scale gear upward on on a large in addition to prominent U.S. company, the U.S. authorities has been forced to rethink how it views the Hermit Regime’s cyber capabilities. Former National Security Agency Deputy Director Chris Inglis argues that cyber is a tailor-made musical instrument of ability for the North Korean regime, cheers to its low-cost of entry, asymmetrical nature in addition to bird of anonymity in addition to stealth[9]. Indeed the North Korean cyber threat has crept upward on the U.S., in addition to similar a shot the its word apparatus must decease along to operate to both counter in addition to amend sympathise North Korea’s cyber capabilities.
Endnotes:
Buat lebih berguna, kongsi:
