Sony Pictures attack ‘unparalleled’: FireEye’s Mandiant
Cyber forensics team still refrains from naming names, but says culprit was ‘organised group’
Cyber investigators with FireEye’s forensics unit, Mandiant Corp, have described the attack on Sony Pictures Entertainment’s network as “unparalleled”, Reuters reported.
The Mandiant team, which was hired to look into the ransomware breach on 24 November, said in an email that the infiltration was “well-planned” and carried out by an "organised group".
The email was sent by Kevin Mandia, senior vice president and chief operating officer at Mandiant, to Michael Lynton, chief executive of Sony Pictures. Mandia does not discuss the full extent of the breach or the damage caused and also does not address the identity of the attackers.
The incursion, which at one point had Sony Pictures staff working with pen and paper, is said to be the most destructive ever to have been carried out on a company on US soil. While the network was taken down, endpoint malware wiped PCs, which had to be restored. Previous reports also indicate widespread theft of personal data and intellectual property, including yet-to-be-released movies.
Reuters and other media outlets continue to cite insiders that claim North Korea is the prime suspect.
"The scope of this attack differs from any we have responded to in the past, as its purpose was to both destroy property and release confidential information to the public," Mandia said in his email.
"The bottom line is that this was an unparalleled and well-planned crime, carried out by an organised group, for which neither SPE nor other companies could have been fully prepared."