Home / / Sony Pictures attack ‘unparalleled’: FireEye’s Mandiant

Sony Pictures attack ‘unparalleled’: FireEye’s Mandiant

Cyber forensics team still refrains from naming names, but says culprit was ‘organised group’

Sony Pictures attack ‘unparalleled’: FireEye’s Mandiant
Sony Pictures is the US-based media unit of Sony Corp.

Cyber investigators with FireEye’s forensics unit, Mandiant Corp, have described the attack on Sony Pictures Entertainment’s network as “unparalleled”, Reuters reported.

The Mandiant team, which was hired to look into the ransomware breach on 24 November, said in an email that the infiltration was “well-planned” and carried out by an "organised group".

The email was sent by Kevin Mandia, senior vice president and chief operating officer at Mandiant, to Michael Lynton, chief executive of Sony Pictures. Mandia does not discuss the full extent of the breach or the damage caused and also does not address the identity of the attackers.

The incursion, which at one point had Sony Pictures staff working with pen and paper, is said to be the most destructive ever to have been carried out on a company on US soil. While the network was taken down, endpoint malware wiped PCs, which had to be restored. Previous reports also indicate widespread theft of personal data and intellectual property, including yet-to-be-released movies.

Reuters and other media outlets continue to cite insiders that claim North Korea is the prime suspect.

"The scope of this attack differs from any we have responded to in the past, as its purpose was to both destroy property and release confidential information to the public," Mandia said in his email.

"The bottom line is that this was an unparalleled and well-planned crime, carried out by an organised group, for which neither SPE nor other companies could have been fully prepared."

Follow us to get the most comprehensive IT Security news delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.