Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

After FBI blames North Korea for Sony attack, now what?

Gregg Keizer | Dec. 22, 2014
The attacks, which were disclosed in late November, made off with gigabyte upon gigabyte of internal Sony documents and files, including embarrassing emails, financial information, passwords, and current and former employees' personal information.

Today, President Barack Obama weighed in, too, saying, "I think they made a mistake," of Sony and the theater chains.

"This will encourage others, certainly," said Tom Chapman, director of cyber operations at Edgewave, a San Diego-based security firm, and a former U.S. Navy cyber-warfare commander who also worked with the FBI and the Navy's criminal investigative service, or NCIS. "What's going to happen if there's a movie that a Muslim terrorist doesn't like? What will happen if some group says, 'Don't sell this product' or 'Don't support this cause?'"

Ullrich agreed. "With the wave of DDoS [distributed denial-of-service] attacks over the last years, they found a lot of 'followers' [when] they where successful," he said in an email reply to questions.

For Chapman, implementing stricter security measures — something Sony in hindsight certainly should have done, as none of the documents leaked by the hackers was even password protected, much less encrypted — is well and good. But he urged companies to do more than that.

"An IT department must know what's normal [on their network] and what's not normal," Chapman argued. "They have to watch what's going on on their network. There's no way someone should be able to remove gigabytes of data and not be noticed."

In its statement today, the FBI said it would "identify, pursue, and impose costs and consequences on individuals, groups, or nation states who use cyber means to threaten the United States or U.S. interests," a hint that the reports of possible retaliation against North Korea were accurate.

Good luck with that, said Chapman.

"There's not much we can do to get back at them," Chapman said, pointing out the sanctions already imposed on North Korea and its almost non-existent digital infrastructure. "We have to find a different method."


Previous Page  1  2 

Sign up for CIO Asia eNewsletters.