Lessons From The Sony Hack

Jan 1, 2015 By Anita R
Anita R's picture

Sony Pictures Entertainment has been going through some troubled times.

Last month the company experienced a cyber attack. Hackers attacked the company’s computer system and stole a huge number of confidential documents and posted it online for the world to see.

Besides embarrassing revelations and corporate secrets, sensitive information about employee data has been made public by the attackers. The matter is serious enough that the FBI has stepped in to investigate the matter. 

Who Are The Suspects?

The group of hackers calls themselves the “Guardians of Peace”. However, nobody knows their identity. Some believe that it is a revenge for the movie “The Interview” that was due to be released by the company on Dec 25th. They think North Korea is behind the hack because the movie depicts the assassination of its leader.

Others believe it is the work of some upset employees of Sony who had access to the company’s secrets and passwords and have been recently laid off. The bottom line is that no one knows for sure. 

The leak, however, reveals the poor internal security systems at Sony Pictures. For instance, personal passwords were stored in unprotected text documents. Apart from internal emails, confidential marketing materials, propriety data and more importantly employee social security numbers and other forms of sensitive information - over 150 Gigabytes of them have been stolen by the cyber attackers. 

How Do Hackers Work?

“Hackers” are criminals who try to break into websites, in order to steal information. Hackers go to weaker sites and look for common login and password combinations, using powerful computers and cheap hacking software. With that information and using cookies found on computers, they can easily infiltrate or access what we assume is secure data.

The PlayStation Network is Sony's online service for its game console. Poor security of its systems can leave unsuspecting gamers who are subscribers to PlayStation, vulnerable to attack. Unsuspecting employees are vulnerable when a company's security system is lax and digital data their personal data gets stolen. 

So what can we as consumers to do protect ourselves? The Department of Homeland Security suggests the following: 

                 

  • Stop: Before you use the Internet, take time to understand the risks and learn how to spot potential problems.
  • Think: Take a moment to be certain the path ahead is clear. Consider how your actions online could impact your safety, or your family’s.
  • Connect: Enjoy the Internet with greater confidence, knowing you’ve taken the right steps to safeguard yourself and your computer.

The internet is an integral part of our everyday life. Being a public utility, there is shared responsibility among all stakeholder - users, corporate organizations and governments to keep it safe. We cannot stay away from it, but we can do our part to protect ourselves. 

Courtesy: BBC, DHS.gov