Report claims the Sony cyberattack was pretty much all Sony’s fault by William Hughes.
From the post:
Last November, Sony Pictures Entertainment became the victim of one of the largest cyberattacks in U.S. history, with a group calling itself Guardians Of Peace infiltrating the company’s networks, stealing terabytes of data, and then wiping it from the system. The attack was a massive blow for the company, knocking its communication technology back to the fax machine, rendering it a public laughingstock, and ruining Tobey Maguire’s second life as enigmatic ramblin’ man Neil Deep. But now, six months and one fired co-chair later, the battered company might reasonably have come to the conclusion that things were finally cooling down. Sure, Julian Assange made news in April by posting all of the company’s stolen e-mails on a publicly searchable site for prurient perusal, but beyond that, it seemed that the worst was finally over.
But the worst is not over, it turns out, because six months is how long it took for Fortune magazine investigative reporter Peter Elkind to put together “Inside The Hack Of The Century,” a three-part examination of the company, and how its corporate culture contributed to the attack. Elkind apparently talked to more than 50 Sony employees about the hack, putting together a wide-ranging look at why Sony was such an alluring target for cybercrime.
…
An excellent series on the Sony Hack.
When you read Sony or others extolling the expertise of their attackers, keep this assessment in mind:
Ed Skoudis, a “white hat” hacker who teaches cyberdefense testing for corporate IT security professionals at the SANS Institute, says the skill level deployed at Sony looks “pretty average.” He puts its perpetrators on par with students in his mid-level classes. “It shows the defenses of Sony were not particularly good,” says Skoudis. “I didn’t see the bad guys jumping over any extreme hurdles, because there weren’t any extreme hurdles in place.” (in part 2)
After reading all three parts, ask yourself if the management at Sony sounds like your management?
One aspect of improving cybersecurity is improving management.
Good luck!
Generations of MBAs have labored mightily and the result was the management at Sony and Office of Personnel Management (OPM).
PS: It’s a tad early to call the Sony hack the “hack of the century.” What will we call someone taking over the air handling units and elevators in all of New York’s skyscrapers? Or disabling all cars of a particular brand? Or defrosting all the deep freezers in LA? All of that and more is coming, perhaps within the decade.