Lazarus Identified as Group Behind Sony Attack

The perpetrators behind the unprecedented attack against Sony Pictures Entertainment in 2014 have finally been identified, according to a consortium of private digital security firms led by Novetta. The hacker collective, which Novetta has dubbed the Lazarus Group, has apparently been active since at least 2009, and maybe as early as 2007.

Project Blockbuster, the Novetta-led effort to uncover the identity of the hackers, released a report on the collective today. Although there was little communications from the hackers, who called themselves the Guardians of Peace during the Sony hack, Novetta said the group continues to operate and target new victims today.

In November 2014, Sony Pictures, Sony's studio subsidiary, was the victim of a cyberattack against its network and IT infrastructure by the hacker group. The hack took down the studio's computers for several days, and resulted in a massive loss of confidential data, including payroll information, private e-mail correspondences between executives and digital copies of entire, then-unreleased movies. The company was thrown into complete chaos for months following the breach.

The hack also caused the movie giant to initially can one of its new comic film, "The Interview." The Sony-produced comedy starred Seth Rogen and James Franco, was thought to be the likely the cause of the cyberattack because it depicted a fictional plot to assassinate North Korean dictator Kim Jong-un.

Organized and Determined

?EU?The attack against Sony Pictures Entertainment (SPE) was unprecedented in its media coverage and overt use of malicious destructive capabilities against a commercial entity,?EU? Novetta wrote in the report. ?EU?The SPE attack broke new ground not only as a destructive malware attack on a U.S. commercial entity but also due to the fact that the U.S. government attributed the attack to North Korea and enacted small reciprocal measures.?EU?

What has made Lazarus, and its attack against Sony...

Comments are closed.