Sony Pictures systems shut down in hack attack
Sony has become the latest major company to fall victim to a hacking attack, with its Sony Pictures Entertainment division hit with an attack that rendered its computer systems unusable.
A hacking group calling itself #GOP shut down the Los Angeles studio's computer systems. Before doing so, the group changed the systems to display a message claiming that they have stolen all the studio's internal data, and threatened to release it into the wild if unspecified demands are not met.
The studio's employees were reduced to working with pen, paper, landline calls and fax machines, the LA Times reported.
#GOP had threatened to release the information on Monday, but there is no evidence that they have followed through with their threat.
The incident is nevertheless a black eye for Sony, according to Warick Business School professor of practice Mark Skilton.
“This is bad for Sony’s reputation and it could be potentially worse if customers suffer financial loss and litigation follows against the competency of the company whose responsibility it is to protect their customer data,” he said.
“While the Verizon report of data breaches reveals there were 63,437 security incidents in 2013 reported in more than 50 global organisations, the large majority are financially motivated rather than acts of terrorism.”
Responding to emerging cyberthreats is getting harder in light of the increasing sophistication of methods used, he said.
Dell Software A/NZ managing director Ian Hodge would agree. “There is no clouding the fact that security threats are increasing. Hackers are becoming more advanced in their techniques and, with more devices being connected than ever before, it is becoming easier to spread malicious software,” he commented.
“One vulnerability or gap left open can and will be exploited by cybercriminals, whether it be via a drive-by-download, phishing or a zero-day attack. And it’s not just the big companies, like Sony, who are under threat. CryptoWall and CryptoLocker have shown that any Australian business can be a target.”
He recommended that companies adopt next-generation firewalls with inbuilt deep-packet inspection technology to filter malicious executables before they reach an employee’s inbox.
Secure-by-design software development for digital innovation
The rise of DevSecOps methodologies and developments in AI offers every business the opportunity...
Bolstering AI-powered cybersecurity in the face of increasing threats
The escalation of complex cyber risks is becoming a pressing issue for those in business...
How attackers are weaponising GenAI through data poisoning and manipulation
The possibility for shared large language models to be manipulated through data poisoning...
