US authorities warn that the Guardians of Peace may be expected to hit a media site soon (the Daily News says one of the prospective targets is thought to be CNN). The DPRK's General Bureau of Reconnaissance still figures in speculation about attribution of the Sony hack.
Lizard Squad's Christmas Eve attacks on the Xbox and PlayStation networks appear to have been a denial-of-service-as-service marketing stunt. (They've thereby attracted the ire of their playground rivals in Anonymous. Anonymous disapproves of the hack; Lizard Squad tells Anonymous to "do something" about it.) Among Lizard Squad's offerings is a reconnaissance and attack tool, "Lizard Stresser," designed to probe networks for susceptibility to DDoS, then to shut the vulnerable down. The tool's veneer of legitimacy as a white-hat testing tool will deceive few, but it was priced at between $6 and $500 per attack (payable in Bitcoin).
Lizard Stresser appears to have disappeared from the markets, at least for now, and police in Britain and Finland have arrested two Lizard Squad skids for their role in the Christmas Eve attacks. Both, demonstrating again that "criminal genius" is an oxymoron, had appeared on television as "experts" commenting on the attacks.
Security companies warn that attacks increasingly harness legitimate processes to enhance the effects of malware. The phenomenon isn't new (Cyactive calls it the "Luke Skywalker effect") but its growing prevalence is.
Enterprises are urged to look to risk management, not hermetically sealed networks, as they counter 2015's threats.
The New York Times advocates cyber-deterrence.