Could Sony Pictures Have Prevented That Hack? Probably, New Reports Say
The recent hack of Sony Pictures’s computer networks and systems has unearthed a veritable treasure-trove of private email communications between Hollywood executives, and continues to be the gift that keeps on giving in terms of its entertainment factor.
However, Jonah Hill describing the possibility of a “21 Jump Street” and “Men In Black” mash-up film as “clean and rad and powerful” and glimpses of David Fincher’s snarky sense of humor weren’t all that came from the hack. Hackers also exposed some 100 terabytes’ worth of confidential, sensitive information from Sony Pictures’ databases that now threatens the company as a whole.
But was there anything Sony Pictures executives could have done to prevent such a massive hacking of its systems?
Probably, according to new reports.
Sony Pictures executives had actually been made aware of their computer network’s vulnerability in a security audit made mere months before the hack, according to a December 12 Re/Code article.
The PricewaterhouseCoopers audit showed that one firewall and more than 100 devices in Sony Pictures’ network security were being monitored by an in-house group, not the corporate security team that oversees the company’s overall network security. This was troubling, auditors said, because it could have slowed response to a potential attack, Re/Code reports.
“Cyber security is one of the most daunting and potentially dangerous challenges facing businesses today. With several methods of attack, hackers have an unfair advantage against the vast majority of business owners,” says Michael Hladczuk, CEO of Integrated Technology Services. “The single most effective action businesses can take is to hire a competent professional with a proven track record of helping companies identify potential risks and implementing the appropriate security hardware and processes to combat this ever increasing threat.”
The hack might not be the end of Sony’s woes.
According to Re/Code, Sony Pictures executives have contacted law enforcement, citing concerns over network security as the December 25 release date for “The Interview,” a highly controversial movie about a plot to assassinate the leader of North Korea, draws nearer. North Korea has openly threatened retaliation if the movie is released in theaters, but has denied involvement in the hack that took place late last month.
The hacker group behind the cyber attack, which calls itself the Guardians of Peace, has also hinted at future data breaches.
“We are preparing for you a Christmas gift,” the group wrote on the file-sharing site Pastebin. “The gift will be larger quantities of data. And it will be more interesting. The gift will surely give you much more pleasure and put Sony Pictures into the worst state.”
Let’s hope Sony Pictures ramps up its network security before then.