In the wake of a destructive malware attack on Sony Pictures Entertainment, the Federal Bureau of Investigation (FBI) is warning other U.S. businesses to beware.
A confidential “flash” FBI warning provided to businesses on Monday advised them on how to respond to the malware, which has affected thousands of Sony employees and led to the leak of several of the studio’s films.
The five-page report said that the malware overrides all data on infected systems. “The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods,” the report said.
Security officials at a number of U.S. companies were asked by the FBI not to share the report, but Reuters obtained a copy.
The devastating attack on Sony brought the corporation’s email down for a week and affected other systems during the crucial holiday season. A report on Monday by security journalist Brian Krebs suggested that a file containing sensitive information about more than 6,800 Sony employees—including their names, locations, social security numbers, and dates of birth—is currently circulating on torrent networks.
A Sony spokeswoman told reporters on Monday that a number of unidentified services have been restored, adding that Sony was “working closely with law enforcement officials to investigate the matter.”
Sony declined to comment on the FBI’s warning to other businesses.
Unconfirmed reports suggest that North Korea may be behind the attack on Sony. Next June, the studio will release a comedy called The Interview, which stars James Franco and Seth Rogen and centers around a plot to assassinate North Korean leader Kim Jong-un.
A spokesman for North Korea’s foreign ministry said that all North Koreans were offended by the film’s premise and added that his country was determined to “mercilessly destroy anyone who dares hurt or attack the supreme leadership of the country, even a bit.”
At least five new Sony films have been leaked online and downloaded millions of times over the past month, including Annie, Still Alice, Mr. Turner, and To Write Love on Her Arms. The film Fury, starring Brad Pitt, was downloaded no less than 1.2 million times since Nov. 27.
The hackers, who claim to hail from a group calling itself “Guardians of Peace,” posted a curious message on Sony’s defaced website: “Warning: We’ve already warned you, and this is just the beginning. We have obtained all your internet data including secrets and top secrets.”
According to Krebs, who saw the FBI’s “flash” alert, the bureau did not specify where the malware—which referenced a Korean language pack—was found or against whom it was used. The alert did reference network traffic “signatures” that could aid companies in detecting similar attacks.
However, Krebs said, “The alert also says this type of vigilance may only serve to let organizations know that their files are currently in the process of being deleted.”
Photo via totally_pixelated/Flickr (CC BY 2.0) | Remix by Fernando Alfonso III