The FBI issued an advisory to U.S. businesses late Monday, warning them about potentially crippling malware attacks, describing programs similar to those that were used to hack Sony Pictures Entertainment’s computer system last week.
The confidential “flash” alert, obtained by Reuters, details a particularly destructive form of malware that steals and then erases data from hard drives and paralyzes networks. Though the alert doesn’t mention the company by name, security experts contacted by Reuters confirm that it describes the cyberattack mounted against Sony.
Sony’s email was down for a week following the attack, and pre-release versions of Sony films such as Annie, Fury, and Still Alice have recently appeared on illegal torrent sites, likely a result of digital theft connected with the malware. According to the FBI, the only way to restore functionality to infected computers in many cases is to physically replace the hard drive–a time-consuming and costly endeavor.
“The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods,” the report said.
Reuters reports that the malware used against Sony is similar to the kind used against companies in South Korea and the Middle East with devastating consequences, in one case destroying some 30,000 computers. Those attacks were believed to have originated in North Korea and Iran. If this is indeed the same malware, it would be the first such attack to take place on U.S. soil.
Although a group called Guardians of Peace, or #GOP, has claimed responsibility, there is some speculation that the North Korean government may have mounted the attack as retaliation for the upcoming Sony film The Interview, which depicts characters played by Seth Rogen and James Franco being recruited by the CIA to kill dictator Kim Jong-un. In June, the North Korean government issued a statement to the United Nations calling the film “an act of war,” and so far has refused to deny its involvement in the cyber assault.
Although the FBI declined to comment on the warning, they did confirm its authenticity.