The reason is that it was a _Destructive_ attack. Credit card numbers were not stolen. Data was deleted and stolen. Highly unusual attack.
Dark Reading has a story on the “destructive” attack.
” “If your only goal is to do damage,” says Jonathan Sander, strategy and research officer for Stealthbits Technologies, “you don’t need a lot of access.”
As some security experts have said, the Sony attackers could have compromised the company with just a humble phishing message, then planted the wiper malware and let it take it from there. Malware is quite good at proliferating itself, so the hackers could simply sit back and watch. Watch as the malware deleted all the company’s data and turned its hardware into expensive paperweights.“
The entry point is the same for most attacks (phishing emails), yet the effect is different. In a credit card number heist there is no visible effect (unless one is viewing the logs carefully). But in the Sony attack files were copied and deleted, which means one day you walk in the office and all the files on the server are gone.
A similar destructive attack is a DOS (denial of service) attack, where there is specific attacks on webservers or DNS servers, which inhibit the user from using the Internet correctly. A sustained DOS attack can affect many webservers and essentially make them unusable. but once you fix the problem, or it goes away for whatever reason the files are still there.
The reason the Sony attack will stay in the IT conscience is due to it’s destructive nature. Deleting files is bad, and we have an aversion to someone screaming ” Where Are All The Files?”.
So if you ask me, this Sony attack will create more attacks like this (as is usually the case). 2015 should be the year we become more pro-active not less. So fix your security processes now, spend more money on firewalls, etc. Do what you have been meaning to do all along.
Do the right thing: also known as Philotimo Φιλοτιμο.
Philotimo is considered to be the highest of all Greek virtues which determines and regulates how someone should behave in their family and social groups. In its simplest form it means “doing good”, and it ensures your behavior will make you stand out from others”
Let us aspire to better security.
Contact Us to help you.