- The group of people that hacked Sony Pictures Entertainment in 2014 are still actively and successfully conducting cyberattacks worldwide, according to a group of researchers that have been investigating the organization.
- Over the past seven years, the group of hackers, often called Lazarus, has carried out a large number of attacks against a variety of organizations, the researchers said.
- The researchers established links between Lazarus and 1,000 malicious file samples.
The researchers linked Lazarus to DDoS attacks against major organizations in South Korea and the U.S., including government, media, military, aerospace, financial and critical infrastructure groups, according to a CIO report.
Cybersecurity company Novetta, which coordinated the research group and its work, said evidence suggests Lazarus is a "well-structured, well-resourced and highly motivated organization.”
Rather than lone wolf hackers staked out in a basement, cyberattackers are moving to coordinate and work in groups. IBM’s annual threat report found that cybercriminals are consistently using large teams of developers to create powerful malware to attack large numbers of organizations.
The attack on Sony cost the company an estimated $35 million in IT repairs, not to mention damage to the company's reputation when a number of documents came to light.