Within hours of President Obama’s press conference on Friday, December 19th, the FBI and the Department of Homeland Security issued a warning about the five types of malware used by North Korea against Sony. The malware was used to not only steal data, but to destroy data as well. The Sony hacking has ushered in a new era of cybercrime in that it appears to be the first time that a hacking has been done of a major corporation for primarily destructive purposes rather than the stealing of data for either identity theft purposes or to gain access to enable foreign corporations to compete better in the international marketplace. We may be seeing the first of what may turn into many attacks threatening to destroy a company’s data if it does not pay a ransom. Corporations in America and around the world have got to better prepare themselves for such attacks and they need to do it now.
Here is a link to the warning from the Department of Homeland Security which in turn has another link within it to an earlier Security Tip for handling destructive malware. One important thing that all corporations have got to do is to better segregate their data and networks so that essential data is not available to anyone with access to the corporations’ computers. Many recent hackings of retailers have started with hacks of less secure third-party vendors with access credentials to the computer systems of the the major retailers.