Wall Street Journal has a very good detailed story of what happened during the hack.
http://www.wsj.com/articles/behind-the-scenes-at-sony-as-hacking-crisis-unfolded-1419985719?mod=WSJ_hpp_MIDDLENexttoWhatsNewsThird (May have to have a subscription to see the whole article)
Besides the improvisation of he employees and management it is obvious to me:
1. There was no Disaster Recovery plan.
2. The erased contents of their servers meant that this was an unprecedented attack.
3. A top cybersecurity company was hired (FireEye) after the attack.
“Kevin Mandia, FireEye’s chief operating officer, called the confluence of stolen credentials, erased hard drives, and leaked documents at Sony unprecedented in the history of corporate cyberhacks.“
This is an interesting paragraph:
“Sony Corp. has been hacked before, so questions have been raised about its defenses. In 2011, hackers stole personal-account data for more than 100 million users of Sony’s PlayStation game system, a public-relations disaster. In the following years, Sony Corp. increased staff at its 24-hour security operations center near Washington, D.C., that worked for all of its U.S. units, as well as directly at the studio, according to former employees. Sony Pictures employed 42 firewalls—specialized computers designed to keep out hackers.”
The subsequent chain of events with threats to movie theaters andthe Sony decisions are not relevant in this blog except for hte final quote by Sony Executive Mr. Lynton (he was in discussions with theater chains)
” The discussions were cordial, according to a person with knowledge of the calls, but one exhibition executive said the industry still holds a grudge against Sony for its handling of the matter.
Mr. Lynton said that amid the chaos and conflicting demands of the past month, his top priority was to make important decisions quickly: “You can’t be caught in the headlights doing nothing.” “
My comments: even with a previous attack in 2011 and “upgraded” technology Sony was hacked again and in such a manner as was heretofold unforeseen. This was a grudge by a former employee or otherwise from a sophisticated hacker with a goal in mind. (stealing and erasing data).
My question to all is can you definitively say that the people you know, have hired, have made enemies, or even criminals from around the world would _not_ ATTACK you if they could.
I.e. if you do not update your security posture every year, improving and spending money every year instead of after every hack. You will get hacked and be known as the company that gets hacked (Sony had a reputation of being hacked)
Adding some more info later in day:
Threatbrief has a post on Sony as well: http://threatbrief.com/hacking-scandal-exposes-corporation-decline/
From the William Pesek article:
“In a recent three-minute skit on Saturday Night Live, comedian Mike Myers nailed one of the less-discussed problems to be exposed by North Korea’s hack of Sony Pictures: the apparent cluelessness of top Sony brass in Tokyo.“
Here is the SNL skit
Dr.Evil Interrupts SNL Cold Open To Mock Sony & North Korea Hacking:
So starting with the new year get your security updated – there are better technologies than just firewalls. Contact US to discuss.
In the new year we will review New firewalls, security policies that include mobile devices, and Disaster recovery procedures as well as much more.
What do you want to see here?
Contact me Tony Zafiropoulos 314-504-3974