Sony Hackers Used Phishing Emails
to Breach Company Networks
This article talks about how Sony
Pictures Entertainment computer network was hacked in 2014. It was found that the
hackers used phishing emails to infiltrate the system. After talking to the CEO
of the computer security firm Clyance, Stuart McClure states that there was a database
of Sony emails which was downloaded following a pattern of phishing emails. The
whole process started with employees getting fake emails to verify their Apple
ID which lead to victim prompted to enter their Apple ID information into a
fake verification form. After getting all the information, it enabled hackers
to connect with the employees LinkedIn account where they were able to figure
out their Sony login information thinking the employees might be using the same
credentials for their accounts. The credentials helped the hackers to code into
a strain of malware which is known as Wiper led them into the company’s
networks.
It was later found out that the
hacking responsible party were the North Korean government when they posted the
links to a collection so stolen document which includes financial records and
private keys to the Sony’s server. Regarding the hack, the CEO mentioned that
companies need to implement some safeguards that will better protect user
credentials if they are to avoid becoming the victim of attack like they did to
Sony. He also stated that companies should use some form of memory process
injection protection and password reuse should be avoided not to become a
victim like that again.
References:
Bisson, D. (2015, April 22). Sony
Hackers Used Phishing Emails to Breach Company Networks. Retrieved on April 26,
2015 from http://www.tripwire.com/state-of-security/latest-security-news/sony-hackers-used-phishing-emails-to-breach-company-networks/
No comments:
Post a Comment