Enterprise Security Tightens After Sony Hack

Companies across the globe are on high alert to tighten up network security to avoid being the next company brought to its knees by hackers like those that executed the dramatic cyberattack against Sony Pictures Entertainment.

The hack, which a U.S. official has said investigators believe is linked to North Korea, culminated in the cancellation of a Sony film and ultimately could cost the movie studio hundreds of millions of dollars. That the hack included terrorist threats and was focused on causing major corporate damage, rather than on stealing customer information for fraud like in the breaches at Home Depot and Target, indicates a whole new frontier has emerged in cybersecurity. Suddenly every major company could be the target of cyberextortion.

"The Sony breach is a real wake-up call even after the year of mega-breaches we've seen," says Lee Weiner, Boston security firm Rapid7's senior vice president of products and engineering. "This is a completely different type of data stolen with the aim to harm the company."

This should signal to all U.S. businesses that they need to "take cybersecurity as serious as physical security of their employees or security of their physical facilities," says Cynthia Larose, chair of the privacy and security practice at the law firm Mintz Levin in Boston.

The breach is particularly troubling in Hollywood, where secrecy is supposed to be paramount to insure that movie secrets worth millions don't get leaked.

"Movie studios have, by and large, behaved as high-security intellectual property purveyors; prints have been tightly controlled, screeners are watermarked, and bootleggers are prosecuted wherever possible," says Seth Shapiro, a professor at the University of Southern California's School of Cinematic Arts. He said that's what makes it so surprising that email leaks showed that Sony executives apparently gave out passwords in unencrypted emails and made other security blunders.

"The apparently...

Comments are closed.