Dive Brief:

• Hackers who infiltrated Sony Pictures Entertainment and exposed internal emails and secrets may have been on a practice run to infiltrate utility systems, say some experts.
• Focus on digital threats has been rising in the wake of two recent pieces of software highligted by the Department of Homeland Security, which in November issued alerts for malware targeting utilities. 
• The attack on Sony's systems involved destructive malware and the theft of proprietary information, and ultimately led to physical threats against theaters which planned to show the Sony's The Interview. The movie's premier was subsequently canceled.

Dive Insight:

The FBI has linked the hack on Sony to North Korea, and Reuters reports the electronic invasion may have been a test run for attacks ultimately aimed at the utility space. 

Reuters quotes Kim Heung-kwang, a North Korea defector and computer science professor as saying, "North Korea's ultimate goal in cyberstrategy is to be able to attack national infrastructure of South Korea and the United States."

Attacks on control systems in the energy space are fairly rare, but the U.S. Industrial Control Systems Cyber Emergency Response Team has recently identified a pair of malware threats potentially aimed at utilities. The older Havex malware threat and newer BlackEnergy have both been in the news lately, and are targeting utility grids. Power and gas delivery companies are spending billions of dollars to protect their grids, with the bulk of that money being directed towards online control systems.

Law enforcement said technical analysis of the data deletion malware used in the Sony attack revealed links to other malware that the FBI knows North Korean actors previously developed.