It’s been all over the news and if you are reading this article, it’s likely that the news reached you already. Sony Pictures Entertainment has been hacked and the company had to suffer embarrassment as much of its information has been leaked, a lot of it dealing a serious blow to the company itself. While the news tickers are still flowing, very few people have a fully clear picture about what happened to the studio or whether this may affect them in any way. This particular data breach has led to such a panic that even the Department of Homeland Security had to report on the issue.
OK, So What The Heck Happened?
On the 24th of November, Sony Pictures Entertainment received a devastating blow from a hacker group that goes by the name of “Guardians of Peace” (yes, we know, it’s ironic). The leak published by the group contains information regarding the employees of the company, its dependants, email exchanges between several parties working for the studio, information regarding the salaries of executives, and even copies of films that have yet to be released in digital format.
If you have experience in running an organization of any size, you know how much damage control this kind of blowover requires!
Oh, and you’re probably wondering why the Department of Homeland Security is involved. That’s because of this little gem:
We will clearly show it to you at the very time and places “The Interview” be shown, including the premiere, how bitter fate those who seek fun in terror should be doomed to.
Soon all the world will see what an awful movie Sony Pictures Entertainment has made.
The world will be full of fear.
Remember the 11th of September 2001.
We recommend you to keep yourself distant from the places at that time.
(If your house is nearby, you’d better leave.)
Whatever comes in the coming days is called by the greed of Sony Pictures Entertainment.
All the world will denounce the SONY.”
The above grammatically-contorted text was released by the hackers claiming responsibility for the compromise, basically threatening to engage in a terrorist act against theaters that show a film that Sony Pictures has prepared called The Interview. This film and its ties against North Korea make it very likely that this is the country where the compromise originated from. Although we cannot say that North Korea was responsible for this attack with certainty, the FBI has concluded that it’s very likely. Ever since this fiasco happened, the North Korean government has offered to help the United States in its investigation to find the hackers’ identities after denying that it was responsible for the attack. The country’s leadership then said there would be grave consequences if Washington doesn’t collaborate, according to a report by The Guardian.
The personal information released included the names, addresses, social security numbers, driver’s licenses, passport numbers, bank information, credit card data, usernames, passwords, compensation numbers, and health information about each employee under Sony Pictures’ payroll.
It Didn’t Stop There
After the massive data breach at Sony Pictures Entertainment, another attack took place on December 8th, 2014. The PlayStation Network suffered after its store was disabled, according to a report by CNET. This attack did not leak information about employees, but did leave the network down for awhile, making it difficult for gamers to be able to play online during the incident. The group claiming responsibility for the attack has no relation to the Guardians of Peace and calls themselves Lizard Squad.
The attack was most likely a simple distributed denial of service (DDoS), which does not break into the database of the company or compromise any of its IT assets. The attack simply took servers offline by overloading their ability to process network packets. It was more of a flood than anything else.
How Did Sony Entertainment Pictures Suffer a Compromise?
It’s no surprise that film producers often become juicy targets for malicious people. The more successful they are, the more likely it is that someone is always actively trying to figure out a way to break into their servers. This leads to one conclusion: It was inevitable. But even that conclusion is incorrect. A compromise happened because of a vulnerability in the company’s security. This means that it was preventable.
In the majority of cases we see, where one organization suffers massive blows from hackers, there’s always something that could have been done to prevent it. Usually, the most common mistake companies make is to establish employee security best practice policies with generally weak enforcement. This and poorly-managed passwords top our list of reasons why companies end up suffering breaches so often. Since we don’t have a lot of information about the way in which hackers managed to break into Sony’s systems, we must be broad with our speculation on what happened.
Our best guess is that Sony had a very obscure, tiny vulnerability somewhere that hackers have eventually found. We’re thinking that it might have been either a weak password somewhere or a weak employee (i.e. susceptible to social engineering techniques). There’s also the possibility of sabotage happening. According to reports of the events that transpired within Sony’s offices, we believe that the hackers may have had remote access to at least one key system, which allowed them to seep into the rest of the network and steal information that was presumed to be sealed safely and far from reach. All it took was one single weak link in the entire security infrastructure for this entire calamity to ensue.
Could This Have Been Prevented?
Before we speak any further on this issue, we’d like to say that our hearts go out to Sony Pictures Entertainment and its employees, customers, executives, freelancers, and anyone else who was affected by this horrible incident.
As the shock settles, we feel that it is our duty to inform everyone of how things like these can be easily prevented. Sony isn’t the first company that this happens to. And with our solutions, we hope to make this world one in which nothing like this can happen again.
Let’s assess a couple of the things that definitely could have prevented the events that occurred on November the 24th:
Security policy — It’s probably safe to assume that Sony has always had some sort of security policy for its employees. The problem is that this is often not enough. It is also necessary to have a very current policy that includes irrefutable standards on password creation that cannot be infringed by any means. This means obligating all persons working in the company to have strong passwords. Enforcing the policy is another story. With PerfectCloud, you can on-board your employees into any web-based application or database management platform without having to rely on the promise that they will set strong passwords themselves. This also adds convenience for your employees, since all they have to do to gain access to an application is click on an icon.
Auditing of application use — What if your culprit is not an unwitting accomplice who happened to have a weak password, but a saboteur who wants to grind your company into a pulp? With our auditing features, you can see precisely who is using what and at what time the application was accessed. This aids you significantly in your investigation into breaching incidents.
Unique passwords — In an organization, it is ideal to have unique passwords for each account associated with each identity. In other words, no two passwords used within the organization should ever be alike (or even similar). This prevents hackers from “account hopping”. They won’t be able to use the password they managed to steal in one service to access another service. If you can’t stop a hacker in his tracks, it’s best to contain the amount of damage one can do with the credentials acquired. Our SmartSignin solution liberates everyone to use unique passwords at their whim.
Superior key management — When hackers are looking at something encrypted, they want to find a way to break that encryption, preferably using a method that doesn’t involve incredible amounts of work. Since they have a tendency to follow the path of least resistance, they will start looking for the location of encryption keys and other data helpful to decrypting stored data. In most conventional servers, the location of the key coincides with the location of the data itself. This makes hackers like the ones we mentioned today easily strike gold at every corner. It’s the principal reason why hacking is such a problem: It’s so damn easy! Both of our solutions — SmartSignin and SmartCryptor — have a unique ability to store keys in a place hackers don’t travel: your mind. No of the keys are ever stored, transmitted, or exposed in any sort of way. Meaning that there is virtually no way for hackers to gain access to a central repository of credentials.
In short, an extra-strong security policy coupled with the use of our solutions could have easily prevented the brunt of the outbreak and contained the damage to one tiny cell of Sony Pictures Entertainment’s operations. We have made a solution that ensures top-to-bottom holistic protection of any organization’s IT infrastructure at a price that more than justifies its return on investment. We are confident that if more companies would step up and make use of our platform in a way that integrates the use of common sense, most of these ugly events would not have happened and there would be many frustrated hackers turning towards more productive endeavors!