Businesses have to be in a state of perpetual cyber warfare - Lessons from Sony Pictures Entertainment (SPE) Hack

Sony Pictures Entertainment (SPE) hack has turned the business community across the world upside down. This was an unprecedented Cyber Attacks. The hackers are believed to be north Koreans operating from China, were furious at Sony producing "The Interview", a movie that depicts the assassination of North Korean leader Kim Jong Un. The attack was destructive with malicious intent initiated by a sophisticated actor. The attackers took terabytes of data, deleted original movie copies, and left threatening messages. Everything from private correspondence among Sony executives, salary and performance data, un-released movies are out there in the open public space. Some of these revelations are obviously embarrassing to the individuals also. Many say "it could have happened to anybody and there was nothing Sony could have done to stop this breach". Such Malware are undetectable by standard antivirus software. It is believed that the malware used against Sony would have gotten past most networks out there today.Attacks in future will be unprecedented, damaging, unique that would steal data and hit reputation. Information espionage, sabotage, theft have become part and parcel of corporate competition. Militaries have used information warfare for decades, and this medium has been an integral component of warfare. The Stuxnet  attack on Iran was perhaps a work of United States, Israel, Germany. Today, Cyber Attacks are unique and unprecedented. Antivirus Software in most cases is not effective against unknowns, specially rehashed malware.Some critics argue that Sony was lax wrt cyber security. Cybersecurity is a continuous process that is always evolving to anticipate and defend. Such is the nature of cybersecurity. The ability to use experience, knowledge and judgment to prevent, detect and respond against such unknown unknowns is where our real value lies today. Cyber security has no right and no wrong way, there will be times when we may fail. However, once hit, timely detection and response is key, else cleaning up the mess will cost millions. One sure tip is make sure you got an ace security team to look after your infrastructure.

Rate this article: 
Average: 1 (1 vote)