In the days before Thanksgiving 2014, Sony Pictures employees walked into work to find that their computer system was hacked. Computers flashed forbidding messages, and the network was completely compromised. Not too long after the initial discovery, employees found that their personal information was being leaked onto the web; things like their Social Security numbers, private emails and salaries. Additionally, employees found that five Sony-produced movies had been spread online. It was a grim day for Sony, and made us all think more about network security.
What happened in the cyber-attack?
The cyber-attack was thought to be in response to the movie “The Interview”, a comedy that discusses the assassination of the North Korean leader Kim Jon Un. Whatever the reason, the attack “used ‘a sophisticated worm to conduct cyber exploration activities,’ said retired Brigadier Gen. Gregory J. Touhill, who serves as deputy assistant secretary for cybersecurity operations and programs at the Department of Homeland Security.”(1) This attack is reported to have destroyed servers and computers, first taking data, and then wiping them of all of the data.
Taking Proper Network Security Precautions
It’s now been more than six weeks since the attack, and Sony is still working on getting its network back up and running. Ideally, Sony would have had a strong, proactive intelligence threat program to identify and address any security vulnerabilities that it might have. Large enterprises and small businesses alike should assume that they may be the target of a hacker attack. While no security precautions are perfect, each business should look at its security program to make sure that it is robust enough for the most common and most basic security attacks.
Could the attack have been prevented?
It is unlikely that the attack could have been totally prevented. However, it is likely that if Sony had a more robust security intelligence team, the leak wouldn’t have been as bad. The lesson here is: it is really important to make sure that you are continually monitoring your computer network system to make sure that your company minimizes the risk for a systems hack.
- Park, M. & Ford, D. CNN. North Korea to U.S.: Show evidence we hacked Sony. 9:18 AM ET Wed January 14, 2015. Accessed Wed January 14, 2015.