What happened to Sony should have companies worried. The FBI says what happened to Sony was so sophisticated a hack that it can penetrate 90% of net defenses. That is some hack and reason to take pause before sending those emails that you thought were private. As of now the FBI, Mandiant, and Sony all have not yet explained what makes this hack so unprecedented and sophisticated. No one really knows who was behind the hack. Some think it was North Korea but the country denied involvement even though it cheered the Guardians of Peace for implementing the hack against Sony.
The Sony Pictures hack may be done but like the Snowden files, the leaks will keep coming for months and months. As more information comes to light about how it took place it becomes clear there were mistakes. Just like Target could have done more with its security, Sony could have done a lot more as well.
“We have tremendous respect for Kevin Mandia and the team he’s assembled at FireEye’s Mandiant, but we completely disagree with the statement he made over the weekend. He is clearly offering Sony the opportunity to hide behind the veil of advanced persistent threats. ~Ken Levine, president and CEO of security service provider Digital Guardian
The data breach Sony had a few weeks ago at the hands of Guardians of Peace (GOP) was the largest hack in a long time. The group got away with 100 terabytes of data containing sensitive information. The data had digital versions of unreleased Sony movies some of which were released to the torrent sites. It had personal details about employees such as emails, social security numbers, and addresses. The data of the celebrities that work with Sony has already caused issues for executives at the studio and we are sure more dirt will come out. However, what can cause the most damage is the information on the current and future business plans.
The level of sophistication is extremely high and we can tell…that [the hackers] are organized and certainly persistent. In speaking with Sony and separately, the Mandiant security provider, the malware that was used would have slipped or probably gotten past 90% of Net defenses that are out there today in private industry and [likely] challenged even state government. ~FBI’s assistant director of the cyber division Joseph Demarest