IFCI's Studies in Cybercrime: The Great SONY Hack of 2014
Rating: 4.5 out of 5 (430 ratings)
1,515 students

Learn to investigate the North Korean hackers who launched a devastating cyber attack against Sony Pictures in 2014.
Created by Brian Hussey
Last updated 1/2015
English

What you'll learn

  • Know more about the Sony hack than any of the newscasters and most cyber security experts
  • Learn about in-depth malware analysis and how it can create real and immediately actionable cyber threat intelligence
  • Learn about the history behind the Sony attack, the reasoning and methodologies behind it and the geopolitical impact it incurred

Course content

1 section • 10 lectures • 1h 32m total length
  • The Great SONY Hack of 2014 - A History (9:05)

    Explore the great Sony hack of 2014 as a history of a massive data breach, data destruction, and escalating geopolitical fallout, including North Korea and sanctions.

  • Sony Hack Intro - Part 2 (14:07)

    Hackers orchestrated the Sony Pictures breach, releasing stolen data weekly to embarrass Sony, including emails, salaries, passwords, and movies. They linked the theft to North Korea and The Interview controversy.

  • PEStudio Analysis of Destover.C (11:40)

    Examine the Destover.C variant with PEStudio to reveal static indicators, autostart services, network callouts, and hard-coded Sony infrastructure details.

  • PEStudio Analysis of Destover.A (5:24)

    PEStudio analysis of Destover.A shows a 2014 file header, ongoing malware refinement, a Korean language pack, and techniques to delete data on shared drives and establish remote services.

  • Decoding XOR Strings from Internal Destover Structure (11:00)
  • Binary Patching with OllyDbg (7:32)

    Learn to patch binary code with OllyDbg by locating sleep calls, changing kernel32 Sleep from 45 minutes to 60 seconds, and producing a patched executable.

  • Dynamic Analysis of Destover.C (7:02)

    Examine the dynamic behavior of Destover.C using tools like Redshaw, Wireshark, Process Explorer, and Process Monitor to capture system changes, network traffic, and memory strings, revealing unpacked data and file activity.

  • Malicious Artifact Analysis of Destover.C (15:34)

    An artifact analysis of Destover.C shows malware that creates autostart services and hides with a rootkit driver, while spreading inside Sony Pictures Entertainment networks via net use and shares.

  • Destover Command & Control Server Investigation (5:46)

    Investigate six suspicious IP addresses tied to Destover command and control, tracing routes and geo-locating origins like Palermo, Italy; Bangkok, Thailand; and La Paz, Bolivia.

  • Destover Boot Sector Rewrite and Wrap-up (5:05)

Requirements

  • A technical / cyber security background is useful but not required
  • Successful graduates of the IFCI Expert Cybercrime Investigator course will get the most benefit from this course

Description

In November of 2014 an elite group of North Korean hackers executed a devastating cyber attack against Sony Pictures Entertainment in retaliation for their new movie, The Interview, a comedy depicting the assassination of Kim Jong Un. The attackers stole all of Sony's most private data and then strategically released it to the media: all of Sony's financial data, unreleased movies, and embarrassing e-mails mocking celebrities and the president of the United States. Furthermore, their malware destroyed Sony's computers, cutting off their access to their own data.

This attack grew from cyber terror to real terrorism as the story developed, and it resulted in President Obama issuing an executive order shifting US economic policy against North Korea. This was truly one of the most significant hacks in the history of cybercrime.

This course will explain the attack in deep technical detail by analyzing the malware used by the North Koreans. Contained within these binaries is all the information Sony needs to understand how a worm spread throughout their network and destroyed their infrastructure. You will learn how Sony was victimized and what they could have done to prevent it. By the end of this course you will know more about this attack than the newscasters, more than top cyber security experts, and quite possibly more than Sony themselves.

Who this course is for:

  • This course is appropriate for anyone interested in cybercrime, cyber security, malware analysis, or learning about one of the greatest hacks in history.
  • The content is technical, but students do not need to understand the technical methodology to understand the importance of the findings.
  • This course does not teach malware analysis in depth. The instructor uses many analytic techniques that students can learn from, but students who wish to truly learn malware analysis or computer forensics should take the IFCI Expert Cybercrime Investigator's course, available on Udemy and at cybercrimeinvestigators.com.