BreachExchange mailing list archives

Sony back to normal after cyberattack


From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Fri, 27 Nov 2015 13:29:56 -0700

http://www.stuff.co.nz/technology/digital-living/74383232/sony-back-to-normal-after-cyberattack

Once every two or three weeks, when Michael Lynton is eating lunch at a
restaurant or traveling for business, someone brings it up.

It's usually an acquaintance, but it's sometimes a stranger. Either way,
it's someone who has read excerpts of emails stolen from the 55-year-old
chairman of Sony Pictures Entertainment as part of the massive computer
hack that began a year ago.

Though he finds those conversations strange, he mostly brushes it off.
Lynton - and Sony - wants to keep the worst cyberattack in American
corporate history squarely in the rear-view mirror.

"When you walk around the studio now, oddly, it feels very much the way it
did before the hack," Lynton said. "It feels like we're back to normal and
that we're very much down to business. And that to me is the greatest
triumph."

Lynton's tone stands in contrast to the atmosphere during the months after
cyberterrorists launched a devastating attack on Sony's computer systems in
response to the studio's decision to release The Interview, a film that
depicted the fictional assassination of North Korean dictator Kim Jong Un.

The assault, which the US blamed on North Korea, went public November 24.
It wiped data from its servers, exposed the personal information of tens of
thousands of people, and revealed embarrassing emails between executives
and filmmakers, including racially tinged jokes between then-studio chief
Amy Pascal and producer Scott Rudin.

In the darkest moments, employees received intimidating messages, and movie
theaters that planned to screen The Interview were threatened with a
9/11-style terrorism attack. Executives were widely criticised for
greenlighting the movie, while free speech advocates and President Barack
Obama rebuked Sony's leadership when they briefly appeared to halt the
release.

Beyond the studio walls, cybersecurity analysts believe the hack will have
a lasting effect on American companies wanting to avoid their own version
of Sony's crisis. Information technology departments are ramping up their
security systems and re-evaluating what kind of information to keep on the
network and for how long. Some individuals have become more cautious with
email.

The ordeal was seen as a wake-up call to board rooms and corner offices
around the country and "did more to raise national security cyber-awareness
than any other single event", according to John Carlin, assistant attorney
general at the Justice Department for national security.

It wasn't the typical cybercrime by thieves in search of credit card
information to sell - it was an enemy nation causing as much damage, chaos
and humiliation as possible, said cybersecurity expert Peter Toren.

"It was a real game-changer," said Toren, who used to work in the
Department of Justice's Computer Crime and Intellectual Property Section.

Lynton in recent weeks has trekked to two industry events where he
discussed the hack and the need to prepare for the worst. On Nov. 10, three
men were indicted in the massive cyberattack on JPMorgan Chase & Co.

He acknowledges that the company had to make up its response to the hack as
it went along. Staff members were forced to go analog, relying on paper and
pens, fax machines and chalkboards.

Employees hauled old BlackBerrys out of storage, and workers were paid with
paper checks. Sony took its network offline to keep the damage from
spreading after the breach was discovered. Within 48 hours, the FBI sent 20
agents to the Culver City lot to do forensics.

Today Lynton tells fellow executives that a robust defense against
cybercriminals is not enough. Companies need to know what to do when a
disaster strikes and have the "fire drill" ready.

"I do think that people need to do that exercise," he said, "because
beefing up your security is not going to do it."
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 
