Security Firms Join Forces to Help Unmask Sony Hackers

The attack against Sony Pictures Entertainment in 2014 is one of the highest-profile and yet mysterious security breaches in recent years. Possible culprits have ranged from North Korea to disgruntled ex-employees, but "Operation Blockbuster," a multi-vendor report issued Feb. 24, blames attackers identified as the Lazarus Group and also claims that they are still active.

Among the organizations that participated in the Operation Blockbuster research are Kaspersky Lab, AlienVault and Novetta, with support from Invincea ThreatConnect, Veloxity, Punch Cyber, Trend Micro and Symantec.

After the attack against Sony Pictures Entertainment in 2014, Kaspersky Lab's Global Research and Analysis Team began investigating samples of the Destover malware publicly named as used in the attack, explained Brian Bartholomew, senior security researcher at Kaspersky Lab.  "This led to wider research into a cluster of related cyber-espionage and cyber-sabotage campaigns targeting financial institutions, media stations and manufacturing companies, among others," Bartholomew told eWEEK.