The Sony Breach – Safeguard Information and Avoid Blackmail
Timeline of events and threats
- Defense in many layers, from prevention to protection
Organizations have valuable and sensitive information in their possession and every organization is a potential target to cyber breaches. This realization is important and following which, what is even more important is taking action to protect yourself. There was a lack of basic cyber security precautions at Sony headquarters. Administrative computers were logged in and left unattended while guests were unaccompanied and left to wander. The alarming lack of basic cyber security protocol is a welcome mat for hackers. There must be qualified and proactive people in information security roles and imperative that companies employ cybersecurity experts to implement security precautions to take and see them through. Sony’s network also lacked basic cyber security protections, such as two-factor authentication and encrypted data. Having these in place could have minimized the amount of data hackers took and extent of damage. Without these basic protections, once Sony’s initial defences were breached, hackers had free reign to find and retrieve all the data they wanted. Putting secondary protections in place is important to make it harder for hackers to get information once they’re in the network. The key point is to not make a hacker’s job easy even if they have successfully infiltrated the system. Also, in addition to having the right tools, precautions, it is imperative to have qualified and trained personnel to actively monitor and manage these vulnerabilities.
- Offense is risky
In the absence of a clear incident response plan for how to mitigate a breach, Sony attempted to fight back against its attackers. They did so by initiating a series of denial-of-service attacks directed at sites hosting its stolen data. They also planted fake torrent files online hoping to misdirect users who were trying to find stolen films and data to download fake empty files instead. However, this was clearly unsuccessful in stemming the spread of the stolen information as media sources reported widely about the films and data. The cyber security team should have focused their efforts on mitigating the cyber breach by protecting existing data systems and information by implementing more security protocols and encryption, instead of trying to limit the spread of already compromised data.
- Information security should not operate in isolation
In Sony’s case, making a controversial movie about killing the living dictator of a nation known for cyber attacks should have triggered recognition of the need for increased cyber protection. There has to be active communication between the cyber security team and all departments, so that any vulnerabilities and possibilities of attacks due to projects and/or sensitive material/information can be identified promptly. Thus, allowing for better preparation of cyber protection and mitigation plans. The importance of being cyber aware of potential risks to secure and protect information of the company cannot be emphasized further.
- The impact of the cyberattack was disruptive. It knocked out computer systems at the company, and the damage from the wholesale distribution of internal documents was far more serious compared to other breaches. The primary goal of the cyber hackers was to intentionally harm and cause reputational damage to Sony, its employees and partners.
- A group of Sony Pictures employees filed a class-action suit against the firm, claiming that it had failed to maintain reasonable and adequate security measures to protect employees’ information from access and disclosure due to its lax computer security. Sony settled the case for roughly 15 million in April 2016 and agreed to provide a $2 million fund for reimbursement of preventive measures taken in the aftermath of the breach.
- The breach marked a significant turning point in the way the US government viewed and responded to cyberattacks. The US government hinted at potential retaliation against the culprits behind the Sony breach. By doing so, the United States is sending a clear signal to anyone coming after a U.S. company that they will experience the significant technical capabilities of the federal government by way of retribution. This response to a cybersecurity breach directed at a private company with something other than routine law enforcement proceedings was unprecedented and alarming. It suggested that the US government considered its job to protect the reputation and digital resources of every major company within its borders, thus blurring the distinction between attacks on private companies and government institutions.
- It also opened the door for private companies to turn to the government to avenge attackers and at the same time, gave license to other governments around the world to involve themselves in industry disputes and leverage their cyber arsenals on behalf of businesses within their borders.
Enjoyed this article? Curious to find out how you can better protect your organization, data systems and critical accounts in the event of a cyber attack? Contact us now for an in-depth consultation to obtain cyber security measures best tailored for your needs. MWG team will work with your employees, train them in cyber security awareness and guide them in adopting the appropriate cyber security skills in their work processes.