It’s 2014, and a high-ranking executive has just logged in to work, but what happens next will change the cyber world forever.
One morning, after clocking in and opening their work computer, a high-powered executive at a major international entertainment company received a message.
Well, they received two identical messages, emails to be precise, both from Facebook, which said something like: “Someone tried logging into your account, but don’t worry, Facebook prevented the login attempt.”
“Ugh, it’s 8:00 am, do I have time for this?” the executive thought.
Curious, they clicked the part of the email that said “log in,” typed in their password, and… a captcha.
“No time,” the executive thought to themselves, and went about their day.
But as the corporate exec handled their duties, something was working behind the scenes.
The email they clicked wasn’t from Facebook at all, and harbored a horrible surprise.
A small file was downloaded, which contained a piece of malware called Brambul. It immediately infected the computer, copying login credentials and sending them to a hardcoded email address.
Brambul burrowed into other computers on the network and did the same thing, copied logins and sent them to the same email.
After all this, a backdoor was created on the entire network so the bad actors could come and go as they please.
The attack wasn’t an isolated incident - other members of the company were also being deceived using the same method.
Whether it was “Facebook” or “Google,” employees were receiving emails saying that their accounts had been compromised.
Some were smart enough to see through the scheme, while others weren’t so lucky.
This scheme was a well-orchestrated spear phishing attack, which relied on victims clicking the link that contained the malicious code.
The attacker took a gamble, hoping the high-ranking executive and others would open the email, and sure enough, their gamble paid off.
Those who were tricked into granting attackers access gave the bad actors control of the entire company.
Soon enough, the perpetrators had their hands on everything, from financial information to company gossip to trade secrets.
Attackers exfiltrated the data and slowly and methodically leaked this information to cause the company as much damage as possible.
The result was a publicity campaign that set the tone for almost every high-profile leak that happened after 2014, when the company was first hacked.
You’re probably wondering what company was attacked. It was Sony Pictures Entertainment, one of the world's largest and most successful mass media and entertainment studios.
The company, which was worth about $8 billion at the time, was in deep trouble. But this event served as a valuable lesson to all: that it wasn’t just about getting hacked anymore, it was about what came after.
This event defined both hacktivism and state-sponsored cyberwarfare for a generation. Changing the cyber world forever.
Want to learn more? Check out the Cybernews YouTube channel for more.
Your email address will not be published. Required fields are markedmarked