Re/code reports that the hackers who made a mess of Sony’s network and released a trove of email correspondence used what’s known as a “zero-day” vulnerability, a previously unknown security hole in the company’s software. This finding begins to explain how hackers were able to breach Sony’s network and wreak havoc undetected for months.
What’s with the name? Zero-days are exploits that were unknown to security teams at the time of the breach, which means that security engineers had zero days to patch the vulnerability since hackers first made use of it. There are no details at this time as to what piece of software the zero-day vulnerability affected. But The New York Times reports that “spear phishing,” a type of attack that uses emails or email attachments that link to malicious code, was used to gain access to Sony systems.
While this revelation is a major step in the investigation into the saga of Sony’s security woes, it does not answer the question of whether the hack was perpetrated by a state (such as North Korea) or non-state actors. While zero-day exploits are often bought and sold on the black market, hackers with political motivations have previously made use of them, such as when now-imprisoned hacktivist Jeremy Hammond utilized a zero-day exploit in Plesk to breach private intelligence firm Stratfor’s security.