Considering its Playstation network was hacked in April 2011, causing one of the largest data security breaches in history, affecting upwards of 77 million registered accounts, Sony really needs to re-assess its cyber security system.
While the 2011 hack was a shock and violation of privacy, resulting in a 23-day network outage to undo some of the damage done re stolen personal information, the current hack on Sony Pictures with revealing emails have wounded quite a few finely-stroked celebrity egos.
In this recent hack, emails between producer Scott Rudin and Sony co-chairman Amy Pascal have revealed their opinions on Angelina Jolie, Michael Fassbender, and even President Obama, a scathing commentary on Hollywood and beyond.
To repair some of the damage, Pascal said in a public statement regarding her email exchanges with Rudin, “The content of my emails to Scott were insensitive and inappropriate but are not an accurate reflection of who I am.”
Many public apologies have been made by both Rudin and Pascal, but what’s done is done.
And who the hackers are still remains a bit of a confusing mess. The group called Guardians of Peace has been cited as the offenders, dishing out Sony employee personal information, celebrity alias names, salaries, and the scoop on not-yet released movies in addition to Rudin and Pascal’s email exchanges. But the plot thickened when Mashable dug up an extortion email sent to top studio execs three days before the attack on November 24:
We’ve got great damage by Sony Pictures.
The compensation for it, monetary compensation we want.
Pay the damage, or Sony Pictures will be bombarded as a whole.
You know us very well.
We never wait long.
You’d better behave wisely.
It is not possible to confirm the letter from God’sApstls is directly related to the Guardians of Peace hack that followed, though the timing seems unusually in sync.
And speculation on North Korea being responsible for the hack in reaction to the movie The Interview still remains speculative: while cybersecurity researchers analyzing the software used in the hack say that technical indicators suggest North Korean involvement, the FBI has not attributed the incident to North Korea at this point, though Sony hasn’t ruled it out as a possible culprit.
This latest hack scandal has certainly further marred the Sony brand, and the breach of trust will necessarily be reflected in consumer sales, be it in movie tickets or Playstation consoles.
The issue now is to find out why these hacks are happening, if they are related, and to possibly set up a negotiation process between Sony and the hackers to see why Sony has been a target. Regardless, Sony must beef up its cyber security from future attacks.
According to an article in Bloomberg, “Sony Corp. (6758) was warned about a year ago that hackers had infiltrated its network and were stealing gigabytes of data several times a week, underscoring a pattern of lapses predating a recent attack that has spilled Sony Pictures’ secrets onto the Internet. . .The hackers … sifted in late 2013 through data from the company’s network, encrypted the information to cover their tracks and mined it on a regular schedule. . . The extent of the breach last year was discovered by an outside contractor after Tokyo-based Sony found suspicious traffic on its corporate computers and requested an analysis …”
Did Sony act upon this warning and if not, why?
In the same article Bloomberg also states that “Sony has been poorly prepared for the intrusions in part because its decentralized structure means security improvements in one division don’t necessarily translate to other units…”
Whether Sony is targeted because hackers know its cyber security is weak or for other reasons is difficult to ascertain currently; however, what Sony can do is to re-assess their decentralized structure and see what other security options are out there that are more robust.
For now, the company is compensating those employees whose personal information have been hacked into and hopefully also investigating the nature of the hacker threats against employees and their families. Tailing the GamerGate scandal this past fall, the attack on Sony continues to bring the issue of hackers and cyber security to the forefront as something that needs to be addressed perhaps on a larger, more collective scale.