FBI warns US companies of malware that can wipe hard drives
The FBI issued a five-page confidential “flash” warning to businesses. It comes after the exposure of hacker attacks on Sony Pictures Entertainment, in which four unreleased films were stolen and pirate-shared.
The issued FBI warning outlines some technical details about the malicious software that was used in the attack, yet the agency did not name victims, Reuters reports. The warning claims that the malware overrides hard drive data on computers, which enables the hackers to shut down networks.
"This malware has the capability to overwrite a victim host’s master boot record and all data files," the report says. "The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods."
When asked if the malware “flash” warning was used against Sony Pictures, FBI spokesman Joshua Campbell declined to comment on whether the company was one of the targets.
"The FBI routinely advises private industry of various cyber threat indicators observed during the course of our investigations," he said. "This data is provided in order to help systems administrators guard against the actions of persistent cyber criminals,” Campbell added, clarifying that victims of the attacks are never named.
Campbell did confirm to Reuters that the FBI had issued the confidential "flash" warning.
However, an unnamed cyber expert contacted by the news agency linked the FBI warning to the attack on Sony.
“This correlates with information that many of us in the security industry have been tracking,” said an unnamed cyber expert contacted by Reuters. “It looks exactly like information from the Sony attack.”
In a separate statement, the FBI said it is "working with our interagency partners to investigate the recently reported cyber intrusion at Sony Pictures Entertainment."
Meanwhile, the alert offers advice on how to tackle potential attacks, and asks companies to contact the FBI if they have discovered similar malware.