Learn about Zero Trust Architecture
Impenetrable cybersecurity without sacrificing usability
Gain detailed visibility into all your endpoints activities
Harden applications and hardware environments
Immediate and continuous response to incidents
Close the window of time your data could be exposed
Get your Comodo solutions setup, deployed or optimized
Control access to malicious websites
Defend from any internet based threats
Stop email threats before it enters your inbox
Preserve and protect your sensitive data
Keep your website running fast and malware free
Add encryption to your websites
Automated certificate mgmt. platform
Secure private intranet environments
Digital signature solutions for cloud apps
Encrypt emails for senders and recipients
Stay compliant with PCI DSS
Trusted authentication for IoT devices
Francisco Partners a leading technology-focused private equity fund, has acquired a majority stake in Comodo’s certificate authority business. Newly renamed from Comodo CA Limited to Sectigo Limited. Privacy Policies, Trademarks, Patents and Terms & Conditions are available on Sectigo Limited’s web site.
Meet the people behind the direction for Comodo
Get the latest news about Comodo
People are the key to achievement and prosperity
Stay up to date with our on-demand webinars
Worldwide: Sales, Support and General Inquiries
Schedule a live demonstration of our solutions
Need immediate help? Call 1-888-551-1531
Instantly removes viruses to keep your PC virus free
Experience true mobile security on your mobile apple devices
Secure Internet Browser based on Chrome
Chrome browser internet security extension
Submit a ticket to our support team
Share any product bugs or security flaws
Collaborate with research experts on data sets
Valkyrie Threat Intelligence Plugins
Valkyrie Threat Intelligence APIs
Mysteries are the most popular genre in books, movies and films. Everyone loves to solve a mystery and we now have a doozy of one in real life!
The data breach of Sony Pictures, revealed last week, is the most spectacular security breach in a year that has been a banner one for hackers. Not only did the hackers obtain a massive amount of customer, employee and management data, but at least 5 recent and upcoming Sony films are now playing illegally on your nearest bit torrent file sharing site.
The hack is believed to have been initiated on November 24th and only Windows computers were directly hacked.
An enormous amount of this data has been posted to public web sites, including a spreadsheet with the top 17 employee salaries, employee disciplinary reports, criteria for use in downsizing (firing staff), screen prints from mainframe terminals showing employee payroll and medical data, and a script by Breaking Bad’s creator Vince Gilligan for an unproduced pilot.
This massive dump supports the theory that the breach was not by criminal hackers seeking financial gain, but to damage Sony for other reasons.
The question of who is responsible has become a virtual game of Clue for security investigators. The first guess was the “Dear Leader” in the Korean Peninsula.
Earlier this year, the North Korean regime revealed its displeasure with Sony’s plans to release a comedy about an assassination attempt against their young leader Kim Jung Un. While most governments would take issue if the premise was about their head of state, the North Koreans have a particular attention getting way with words. In response to this news, their Foreign Minister said that they intend “to mercilessly destroy anyone who dares hurt or attack the supreme leadership of the country, even a bit.”
No one can accuse them of being subtle!
North Korea also makes sense as a suspect because they have been connected to other cyber-attacks, most prominently attacks against South Korean banks and television stations in 2013. Some reports say there are similarities to those attacks and the Sony breach.
In addition, Hewlett-Packard issued an investigative report earlier this year about a North Korean agency known as Unit 121. The agency is believed to be one of the world’s largest state sponsored cyber-war and cyber-espionage organizations in the world, with highly advanced capabilities.
No good mystery has only one suspect. The breach was actually revealed when Sony employees turned on their computers and were met with a taunting message from the GOP. No not the Republican party, aka the Grand Old Party! The attackers have dubbed themselves GOP, Guardians of Peace. Cool name!
Speculation is that this is a previously unknown “hacktivist” group, possibly affiliated with the notorious Anonymous. Such groups attack business and government organizations for political reasons, and often target prominent corporations who they feel are examples of “capitalist greed”. The massive dump and braggadocio fits their pattern of behavior.
But wait! There’s more clues to consider!
Hollywood Reporter magazine has reported that emails sent to reporters pointing them to a web site with stolen Sony documents came from a “Nicole Basile”. Who is Nicole Basile?
A linkedin page for a Nicole Basile says she worked for Sony for one year. The web site IMDB.com credits her as an accountant working on the Sony 2012 file The Amazing Spider-Man. Could this have been an inside job? Could Ms. Basile be a disgruntled employee, perhaps upset at some of the recent studio layoffs?
Where in the world is Carmen Sandiego, err… Nicole Basile?
At this point, there is only one thing we know for sure. Once stolen data is out “in the wild” there is no way to put the genie back in the bottle. It is a position that no business or other organization ever wants to be in.
To prevent such a breach, you should rely on Comodo software such as Endpoint Security Manager and SecureBox, designed for Windows, and engineered with the most advanced containerization technology that allows computers to operate safely in the most hostile threat environment.
Sign up to our cyber security newsletter
Comodo Cybersecurity would like to keep in touch with you about cybersecurity issues, as well as products and services available. Please sign up to receive occasional communications. As a cybersecurity company, we take your privacy and security very seriously and have strong safeguards in place to protect your information.
See how your organization scores against cybersecurity threats