To say that the security breach at Sony several years ago was an IT catastrophe would be an understatement. A group of hackers known as the GOP or “Guardians of Peace,” stealthily acquired most or all of the company’s sensitive materials, from emails to user passwords and much more. The group, rumored to be affiliated with the North Korean government, launched the cyber-attack on Sony in an effort to prevent the company from releasing the movie, “The Interview,” which fictionalized an American attempt to assassinate the Korean leader. Sony has since canceled their 2014 release, but thanks to a very public backlash, Sony has considered alternative ways to distribute the film.
However, the brazenness and successfulness of the attack is secondary to gaping holes in Sony’s network security. Information gleaned from documents the hackers released to file-sharing networks highlighted the lax security implemented by Sony’s IT department. For example, Sony employees, from the top echelons of the company down to the lowest ranking trainee were allowed to send passwords through unencrypted emails. Any experienced IT engineer will tell you that this is a vulnerability just waiting to be exploited.
It’s not that there weren’t any warnings to alert Sony that an attack like this was possible. In 2011, hackers launched an attack on the company’s Play Station network in which the personal information of millions of customers was stolen. Even then, Sony execs were heavily criticized for not taking cyber security seriously. In fact, the company had laid off two IT security experts, just weeks before the breach.
Apparently, Sony is not alone in the nonchalant attitude taken toward security by many businesses despite the overwhelming onslaught of network breaches. In 2013, retail giant Target was hit by hackers, and the result was the loss of sensitive information for 40 million debit and credit card holders. Not only did the event create a public relations nightmare, but banks had to take drastic measures, including putting limits on the dollar amount a customer could withdraw.
In September of 2014, home improvement giant, Home Depot confirmed a breach of its security and the loss of sensitive customer information. Cyber security experts say the Home Depot attack looked eerily similar to the Target attack. Credit card numbers and CIV codes were being sold on the same dumping site as the Target data. Some say the breach in security had been open for months.
Hackers originating out of China carried out a decade-long cyber-attack on communications giant Nortel. The hackers were able to breach security safeguards put in place by Nortel’s IT department, by gaining access to just seven passwords. During those ten years, the hackers helped themselves to sensitive information like technical papers, emails, and research and development documents.
The devastating breach in Sony’s cyber-security should be seen as a warning to other businesses to reassess their security protocols, disaster recovery plans , and data encryption policies.
In the Sony case, not only did the hackers abscond with terabytes of sensitive data, the malware that they used to invade Sony’s systems, also erased all of the original data, leaving the hard drives wiped clean.
Nobody said security would be easy—that’s why bigger corporations have IT departments, and every other company struggles with budget allocations or stubbornly lives in denial that an attack will ever come their way. In any case, there are some steps all businesses can take that would go a long way in closing up some of the access points in a company’s communications and security systems. Here are some of them:
- Increase security awareness training for employees. Training in this area will help eliminate simple worker mistakes, like opening suspicious emails that can contain viruses.
- Improve encryption technology so that mobile workers have password-protected laptops, encrypted Wi-Fi and similar measures in the event the device is stolen.
- Improve intrusion prevention on all critical systems that are linked to the Internet like servers, email systems, and other data storage devices by installing a firewall or better yet, installing a UTM (Unified Threat Management) System.
- Some breaches occur when a worker innocently visits another website. Blocking worker access to certain websites could avert a lot of “drive-by” attacks.
- Perform vulnerability scans on every system on the corporation’s network on a regular basis.
- Regularly scan for system vulnerabilities and apply patches whenever one is discovered. Don’t rely on Microsoft updates alone.
- Keep an eye on suspicious behavior, it may be worth your while to install an employee monitoring system.
- Theft accounts for a large amount of data loss. Make use of off-site backup systems or consider migrating your enterprise to the cloud. Never rely on a single layer backup system.
In any event, small and large businesses must be willing to ensure that their enterprise, their data, and the data of their customers, is protected. The cost of making security enhancements pales in comparison to the damage inflicted by a malware attack both real and perceived.