Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Subscribe
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Subscribe
    Home Cybersecurity
    • Cybersecurity
    • Networking

    Sony Network Breach Teaches Lessons for All Enterprises

    Written by

    Wayne Rash
    Published December 4, 2014
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      The idea that the government of North Korea is behind the recent attack on Sony Pictures almost reads like an effort to promote the upcoming movie, “The Interview.” In the movie, the Central Intelligence Agency sends two bumbling journalists on a mission to assassinate the North Korea dictator Kim Jong Il, a plot that has apparently annoyed that ruler.

      Sony Pictures, the studio behind that movie, apparently is saying that North Korea is indeed behind the cyber-attack in November that took down company’s computer systems during the Thanksgiving holiday period.

      However, there are competing claims from a group that calls itself the “Guardians of Peace.” In any case, the attack on the company not only took Sony Pictures offline, the attackers also erased data and leaked Sony movies, some of them unreleased, on the Internet.

      However, nobody really knows for sure whether North Korea was behind the Sony Pictures attack. Nobody knows whether Guardians of Peace had anything to do with the actual breach, is a North Korean front organization or whether it’s simply a bunch of wanna-be hackers claiming credit for something they didn’t do. Complicating matters, nobody knows exactly how the attackers gained access, although there are a few theories.

      As I found out when I interviewed Frank Abagnale, this is a situation in which someone clearly did something they weren’t supposed to do. The identity of that person may never be known, but the fact is that Sony Pictures has a long list of employees and contractors, any one of which could have made a fundamental security mistake or who may have failed to beef up their security enough. Or as Abagnale has suggested, perhaps Sony Pictures simply didn’t provide enough of the right training.

      In addition there may not be a single point of failure here. For example, a disgruntled employee with administrative access could have compromised the security on Sony’s network, perhaps in an attempt to pass out some free movies. Breaching what was probably strong security that protected the unreleased movies was probably enough to gain access to the recesses of the network where the company stored its more sensitive data.

      But even with access to the servers containing the movies, how was it that the attackers also got access to everything from the human resources department to payroll and the email server? Of course it’s possible that Sony may have had really bad internal security, but considering that the company has just recovered from an earlier serious breach to it gaming, one might hope that wasn’t the case.

      Sony Network Breach Teaches Lessons for All Enterprises

      Security researcher Jerome Segura from Malwarebytes thinks that several people probably received an infected document that contained the exploit. That would mean that at least one person in each of the relevant departments received an email or went to a Website containing the exploit and ran it. That leads us back to the problem of inadequate training.

      Segura said that Malwarebytes and other security companies have already obtained the malware and are studying it to see how it works and where it came from. He said that one thing that makes the malware unique is that it was designed specifically to cause operational damage to Sony Pictures and that there was nothing in it that was designed to steal financial information, which is the usual motive for malware.

      “This one is just pure damage,” Segura said. “It’s very targeted to Sony Pictures. We haven’t seen this type of infection for a long time.” He said that nearly all malware today is intended to be used for financial gain and that malware writers avoid causing damage so that they can collect data for a longer time.

      Perhaps more unsettling, Segura said that he and his colleagues are already seeing other, closely related malware in the wild, which means that either the original authors of this malware are expanding their horizons or that other malware distributors are modifying this malware for new purposes and are releasing it again.

      Segura also noticed one other characteristic of the Sony Pictures breach that’s giving him pause. How is it, he wonders that several terabytes of data could have been exfiltrated from Sony’s network without anyone in the company noticing? So far there’s no indication that the malware had any capability that would explain this.

      Of course there’s also another option. Perhaps the attack on Sony Pictures, the theft of personal data and the theft of the movies were independent operations. Could it be that the attack exposed the Sony Pictures network to the world, at which time other hackers came down to feast on the remains, much like vultures feast on the dead and disabled victims of other predators?

      After all, like every large organization, Sony Pictures must have been under constant attack by hackers who could never get past the firewalls and when the attack happened, those barriers were gone. If that’s the case, then the FBI doesn’t need to look for one massive super-hacker, but rather to a single hacker that targeted Sony, followed by a collection of other hackers who simply got lucky.

      If that’s the case, then it speaks more strongly than ever to the reasons why your network needs to be highly compartmentalized. It’s the only way to keep lucky intruders out.

      Wayne Rash
      Wayne Rash
      https://www.eweek.com/author/wayne-rash/
      Wayne Rash is a content writer and editor with a 35-year history covering technology. He’s a frequent speaker on business, technology issues and enterprise computing. He is the author of five books, including his most recent, "Politics on the Nets." Rash is a former Executive Editor of eWEEK and a former analyst in the eWEEK Test Center. He was also an analyst in the InfoWorld Test Center and editor of InternetWeek. He's a retired naval officer, a former principal at American Management Systems and a long-time columnist for Byte Magazine.

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.