The FBI admitted that the online attack that crippled Sony Pictures, resulted in theft of confidential information and leak of unreleased movies to the web would have challenged almost any cyber security measures.
The investigation of the attack showed that the used tools were extremely sophisticated. The FBI also said that the attacks were organized and undoubtedly persistent. Security experts had to admit that the malware used in the recent hack would have slipped or probably got past 90% of up-to-date online defenses in private industry. Moreover, it would have challenged even state government. In other words, the experts explain that it’s very hard to prevent sophisticated and well-funded cyber attackers from hacking the company. On the other hand, other security experts criticize Sony Pictures for its poor data security – according to some reports, the company stored login details in unencrypted spreadsheets.
The Federal Bureau of Investigation believes that the skills necessary to carry out such a cyber attack weren’t limited to government-funded rings and that cyber criminals also have the required level of sophistication. The hack took place on 24 November, and the responsibility for it was claimed by a hacking group calling itself Guardians of Peace. North Korea was under suspicion at first, but then a link between the country and Guardians of Peace was muted. Pyongang was suspected because of its reaction to the Sony movie The Interview, which depicts an assassination attempt on Kim Jong-un. The country was quick to deny involvement, though a number of security researchers are still convinced that it was a state-sponsored attack.