In November of 2014, hackers infiltrated Sony’s computer network lifting terabytes of corporate data, human resources information, internal intel, films, corporate emails, and other valuable information. This led the corporate world to question how protected we really are from cyber attacks. In the 1990’s, the only computer issues were viruses, but the attack vectors have since changed. Companies and individuals are now subject to spear phishing, spyware attacks, malware, drive-by downloads, and browsers. What steps are now necessary to keep hackers from accessing your valuable data? And on a separate but equally interesting subject for lawyers, who really was behind the Sony attack?
In this episode of Digital Detectives, hosts Sharon Nelson and John Simek analyze the progression of data security over time, look into data loss prevention steps, and consider each potential suspect of the Sony hack. Nelson describes the internet security suites that have been developed to include protection from all different types of attacks. However, she explains, these security systems are unlikely to keep out a sophisticated and determined hacker who is specifically targeting a corporation, law firm, or individual. The newer systems simply try to detect the infiltration and respond to it, observing what data is compromised and trying to identify the hacker. Simek explains several systems that are being used for security including data loss prevention, intrusion detection, and Security Information and Event Management (SIEM) products which correlate data to figure out what’s normal.
Nelson and Simek then go on to analyze why Sony was attacked and who may have done it. The hosts explain security blogger Bruce Schneier’s theories on the suspects ranging from an official North Korean military operation to a disgruntled ex-employee. Listen to the podcast to hear the hosts’ strong case for who they think the hacker was. Nelson also reviews Sony’s reaction to the security attack. Stay tuned until the end for the NSA’s rumored ability to create a cyber defense system and the international implications of an automated cyber attack response.