12/02/2014

destructionware.... bootkits have become digital atomic bombs at Sonyhack

"The report said the malware overrides all data on hard drives of computers, including the master boot record, which prevents them from booting up.  The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods," the report said.

Security experts said that repairing the computers requires technicians to manually either replace the hard drives on each computer, or re-image them, a time-consuming and expensive process. http://news.yahoo.com/exclusive-fbi-warns-destructive-malware-wake-sony-attack-002204335--finance.html

we have seen the hundreds of pages listing all the sites and information that were downloaded and now seem to be destroyed. These are whole intranets with intranet sites (and their code), databases, internal applications, passwords, files and personal mailboxes, and so it goes on for hundreds of pages

now it is clear that all the hard disks on which this data was found were virtually destroyed and I hope they have good external backups and that these were isolated from the network so that the hackers couldn't delete those as well (which was done in several hacking incidents)

by using destructive bootkits you also make it very hard to do some very professional forensic analysis because it will be very hard to find that evidence in the destroyed hard disks - eventually you will have to destroy it yourself to be able to recover some other data (instead of the event logs and other proof)

we already had viruses that blocked your data with an encryption key but this is a whole new ballgame..... they are just out to copy and publish your internal network and to destroy it totally afterwards with the only intent of making you pay by creating chaos

but the big question naturally is why Sony wasn't better prepared for this after its attacks and leaks in 2011
