In late November, a cybercriminal group called the Guardians of Peace (GOP) gained access to Sony Entertainment’s computer network and stole more than 100 TB of confidential employee documents, unreleased movies, and more.
It has been widely suggested that the group resides in North Korea, and that the hack was in response to Sony’s recent plans to release the movie “The Interview,” in theatres. The plot of the comedy revolves around an assassination attempt on North Korean leader Kim Jong-un. After the initial online attacks were discovered, the hackers installed a “wiper” malware onto Sony’s network – a software designed to permanently wipe data from Sony’s servers.
Regardless of who was involved in the attack, the event is a reminder of the importance of securing computer networks. Even Sony, a company that recorded a $72B revenue in 2013 and had an assumingly robust IT security barrier, was compromised – and not for the first time. The organization learned a great deal from the attack; and so did the public – in some cases, gaining access to extremely sensitive information the hackers released.
So, what measures can you take to secure your own business IT network?
Install a Firewall
Every network security system begins with a firewall. These control the barrier between trusted internal connections (LAN) and un-secure external sources (WAN). Firewalls can be in the form of software or actual hardware, and are recommended for most businesses with internal servers. However, a firewall alone could not prevent the Sony hack, which is why the next two actions described here are equally important.
Monitor Your Network
Experts suggest that the Sony hacking intrusion could have been going on for at least a year before it was discovered last November. Monitoring PCs and servers can identify irregularities and alert the user much sooner to a problem, mitigating restoration time in the case of a hack. Penetration testing, intentionally attacking a computer system to discover security weaknesses, can also be performed by third-party software to evaluate the quality and vulnerabilities of a system’s security.
Back Up Your Data
The potential loss of a huge portion of important business files poses a massive headache for Sony. Backing up information in a secure, off-site location is like data insurance. It ensures that original network files can be restored in the event of data loss during a breach.
It is difficult to gauge just how much damage has been done to Sony as a company and a brand by this event. In 2011, the company’s PlayStation and Qriocity services were hacked and data from 77 million users was stolen. The network restoration process took 24 days, and the incident cost Sony $172 million.