Hackers into the Sony Pictures network used a software Zero Day to gain access.
The hackers used their access to roam around the company’s network for several months before launching the massive attack in late November that crippled Sony’s computer system, exposed swaths of internal documents and emails and almost caused the cancellation of a big-budget film, according to a report by Re/code.
The FBI blamed North Korea for the attack, saying the country was retaliating against Sony for its comedy, “The Interview,” which depicts a plot to assassinate North Korean leader Kim Jong Un.
On Monday, word came out hackers had been continuously hitting Sony with spear phishing attacks — fake emails intended to lure recipients into clicking on something that downloads malware onto their computer — as far back as September. Spear phishing attacks are often one tool used to exploit Zero-Day vulnerabilities.
Details are scarce on exactly which Zero Day vulnerability the hackers exploited. But knowing the attackers entered the network using this method could potentially shed some light on the incident.
The discovery partially shows Sony’s cybersecurity practices were not totally in error. If hackers did use a Zero Day to get in, it would be difficult for Sony to prepare for the intrusion.
Click here for more on the Re/code report.