Breach, Data Security, Incident Response, Malware, TDR, Threat Management

FBI: Sony hackers threatened U.S. news organization


The Guardians of Peace (GOP), a hacker group taking credit for the Sony attack, is now threatening to target a major news organization in the U.S., according to a recent FBI warning.

The “Joint Intelligence Bulletin” (PDF), which was published by The Intercept on Wednesday, was issued by the FBI and the U.S. Department of Homeland Security exactly a week prior on Dec. 24.

In the bulletin, Sony Pictures Entertainment is not referred to by name, but as “USPER 1,” an organization that was targeted by a “late-November 2014 cyber intrusion.” The alert also referenced “related threats concerning the planned released of the movie, ‘The Interview'” – a theatrical Christmas release Sony originally canceled. The entertainment giant eventually went on to release the film in limited theaters and make the movie available via online purchases and rentals.

The bulletin also noted that hackers' threats “have extended to USPER2 – a news media organization – and may extend to other such organizations in the near future.”

Pastebin messages posted on Dec. 20 by the GOP, which “specifically taunted the FBI and USERP2 for the ‘quality' of their investigations and implied an additional threat,” led the agencies to alert organizations, the bulletin said.

On Wednesday, early reports began to suggest that CNN was the news organization being threatened by hackers. Journalist Matthew Keys reported on the hacker messages that likely incited the FBI's warning, publishing one of the messages to CNN (now removed from Pastebin) on his site The Desk.

“The result of the investigation by CNN is so excellent that you might have seen what we were doing with your own eyes,” the message claiming to come from the Guardians of Peace said. The message linked to a YouTube video that taunted the organization, calling it an "idiot."

The FBI alert was provided to law enforcement officials, first responders and private sector security organizations, and urged organizations to refer to its early December flash warning for more information on the "destructive malware” being spread by attackers. The malware reportedly featured data-wiping capabilities in order to cripple Sony's network operations.

UPDATE: After issuing the bulletin, the FBI reportedly learned that the Pastebin "threats" were actually a hoax by a man in Tennessee, who said he is not affiliated in any way with GOP. Read more in our Sony update.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.