Virtually no private company nor even many government ones could have fended off the highly sophisticated cyber attack on Sony Pictures’ computer systems that led to the theft of vast amounts of confidential employee and business documents, a top FBI official told a U.S. Senate hearing today.
The malware attack “would have slipped or gotten past 99 percent” of the defenses used by both private companies and even government operations, said Joe Demarest, associate director in the FBI’s cyber division. An estimated 100 terabytes of data and documents were ransacked from Sony Pictures’ systems last month and have been partially released to the public.
Demarest’s comment elicited a simple “Wow” in response from U.S. Sen. Charles Shumer (D-N.Y.), a member of the Senate Banking Committee holding the hearing.
Demarest again did not confirm the belief by some that the hacking attack was done by the North Korean government in retribution for The Interview, a Sony action-comedy where journalists played by Seth Rogen and James Franco are commissioned by the CIA to kill North Korea’s autocratic leader, Kim Jong–Un. Demarest had said similar things yesterday at a cyber-security panel, saying there was “no attribution” to North Korea for the attack.
That said, Demarest called the attack’s level of sophistication “extremely high,” and was carried out in a “persistent” and highly organized way. Asked what entities might be able to carry out such attacks, he did not name names, other than to say that he could think of three or four obvious candidates, including one Middle East operation – thought to be Iran – that particularly concerns the bureau.
Numerous reports and books in recent years have detailed China and Russia’s highly sophisticated cyber warfare capabilities, both within those governments’ militaries and among loosely aligned independent hacker groups that are tolerated as long as their activities are focused on other countries.
Demarest said in all, “three or four” countries have the kinds of sophisticated and organized capabilities seen in the Sony Pictures attack, but a number of countries have dramatically improved their cyber capabilities in the 18 months to two years, and that may indeed include North Korea, though he declined to provide specifics.