Sunday, December 21, 2014

Data security in the question of the company after Sony Hack

Sony Pictures Entertainment Inc. Studios implications As cyber Next
Flickr


By Mae Anderson, AP Technology Writer

ATLANTA (AP) - The companies all over the world are on alert in order to strengthen network security, not the next company knelt by pirates as a leading spectacular cyber attack against Sony Pictures Entertainment.

The hack, said a US official investigators believe is in North Korea in connection led to the cancellation of a movie from Sony and ultimately could be hundreds of millions of movie studios cost. This hack contain terrorist threats and focused on far-reaching damage to the economy, and not steal customer information for the crimes of fraud as Home Depot and Target, says a new frontier has become the cyber security. Suddenly all the big companies could be cyberextortion the goal.

"The injury of Sony's renaissance, after the year of the mega gaps we have seen," said Lee Weiner, senior vice president of security company Rapid7 Boston and engineering products. "It's a stolen harm to society very different data type".

This should show to all US companies must "take cyber as serious as the physical safety of employees or the safety of the physical facilities," says Cynthia Larose, president of the practice of privacy and security Mintz Levin firm in Boston.

The injury is particularly worrying in Hollywood, in which it is assumed that the secret to be essential to ensure that the millions of cinema not leak secrets.

"Films studios were usually the security vendors that have been recorded IP behaved strictly controlled Inspectors are stored and smugglers are pursued wherever possible," says Professor Faculty of the University said Seth Shapiro Southern California Motion Picture Arts. He said that's what makes it so surprising that email leaks have revealed that Sony executives apparently gave passwords in unencrypted e-mails and made other security error.

"The apparent negligence of Sony Computer Security - given the history of previous hacks - is unprecedented in the history of technology media," he said. The Sony Corp. PlayStation Network was hacked in 2011.

The studios are trying to strengthen after the attack Sony. Warner Bros. executives earlier this week ordered a password reset for the entire company and sent a list of security control in five points for advising the employee to see your computer for all unneeded data in an e-mail from The Associated to Clean Press. "Take only what you need for business purposes," the message.

Nevertheless, some say there is little they can do business in order to avoid such a sophisticated cyber attack. The key lies more in the damage detection and limit.

"There are very few companies that can withstand such a big attack" Mogull, an analyst at security firm Securosis in Phoenix said. "However, many companies need to improve what they do in terms of safety, I see every day with the company I work with."

The companies have to invest in their networks in order to identify and work quickly to resolve it vulnerabilities. Jonathan Sander, strategy and research director of the security company STEALTHbits data in Hawthorne, New Jersey recommends a comprehensive review to ensure that obsolete, such as digital copies of old contracts and electronic files conversations took place for years, and are not stored on the corporate network is.

"There are a lot of things sitting there and waiting was added and the kinds of things that are used happened this time Sony" says Sander.

Sony said that the failure was each client session since STEALTHbits Technologies began earlier this month stolen information leaks and made international headlines come.

"We used to have people on the idea that you need to take to protect such data must," he said. "Now we go in and ask," How can I make my data appears on the Internet as well as Sony? "

Some customers wonder if they reduce their reliance on email and other digital forms of communication such as e-mail systems do not need to save the data. Sander is not accepted, much protection as making a phone call to exchange passwords and other sensitive information.

More importantly, companies need to quickly grasp on the ability to concentrate and to limit notches as soon as possible. Currently, the average amount of time that a company disclose a breach 200-230 days Rapid7, Weiner said. "This makes it possible allow the attacker to time for a lot of knowledge to gain and do a lot of damage," he said.

Although none of the customers Weiner attack specific major changes to its security in response to Sony, computer security has become a major focus in general. "There has been an increase in investment in information security and awareness of the risks and dangers of such attacks," he said. "We are beginning to see information security as an issue the boardroom, much more attention."

One example is the company could in the technology sector, where most companies have to follow their security measures tightened in the last 18 months in response to revelations about digital espionage tactics US government.

From former contract NSA Edward Snowden documents showed reports that the US government computer networks of Google, Yahoo, Facebook and other technology companies in search of e-mails and other communications used electronics, can reveal the terrorist plans and other illegal activities. The US government has claimed that it never received stolen the kind of very personal information in the breach of Sony Pictures. But technology companies have operated by the NSA tries to free to the public to thwart surveillance by encrypting its internal mail and large customers. Google and Apple, the first software vendor in the world of mobile devices are also automatically encrypt data stored on smartphones, so that information to decipher unauthorized users including government agencies.

General Motors says it amplifies the Internet in the past two years through the integration of information technology in the enterprise to external suppliers. The car company has a leading cyber hackers staff for the entry of GM vehicles consolidated computers and electronic storage of data from 23 centers in the world into two stop near Detroit.

"I'd say we have a higher level (safety) than other companies," said spokeswoman Jennie Ecclestone.

A key to thwart attacks is to know the enemy and just want your business to determine hurt, says Tom Chapman, head of cyber security operations in San Diego Edge Wave.

"In the past, people were looking for a firewall or a single product" for the protection, says Chapman, a retired naval intelligence officer specializing in hunting pirates. "Now they realize that there is a human element. You have to understand that it might be for them. By understanding their potential opponents, you can better tailor your defense."
___

AP Writer Mike Liedtke in San Francisco, Bernard Condon, Anne D'Innocenzio and Joe Pisani in New York, Tom Krisher in Detroit, and Ted BRIDIS in Washington, DC, contributed to this report.

No comments:

Post a Comment