Following the news that Sony have cancelled the release of The Interview following the hack on their systems, Brendan Rizzo of Voltage Security and Amar Singh of the Cyber Management Alliance and GiveADay explain the implications of this decision from Sony:
Brendan Rizzo, Technical Director, EMEA, Voltage Security says:
“The events that continue to unfold related to this breach show a startling escalation of cyber attacks that are now becoming a worryingly effective tool for spreading fear and economic damage. The security world have been preparing for large-scale cyber terrorism attacks for years, with the state-sponsored variant proving the biggest risk due to the lager magnitude of resources that can be brought to bear. There have been several isolated incidents reported already, but the recent attack now further blurs the line between state-sponsored attacks (which are often seen as being politically or economically motivated) and cyber-protests (which are usually meant to raise awareness or disseminate information).
“If attackers gain an upper hand and are able to wreak damage on companies at will without being traced, and if these attacks are able to achieve at least some of their objectives (such as the recent postponement of the movie release that we have just seen), then this could be a harbinger of an escalation in these types of attacks still to come. That is why it is so important that companies give their utmost attention to protecting their sensitive customer, employee, and company data in a best-practice data-centric manner to shield themselves from any such attacks. If the recent attack did not result in the theft of unencrypted personal information and digital property, it would have merely been a footnote in an article, instead of the continued lead story in the global media for several weeks running.”
Amar Singh, Founder of the Cyber Management Alliance and GiveADay writes:
“A very sad day indeed. Keeping aside the Sony context, the motto of the West has always been to not give in to terrorists but obviously it seems to be a different rule if those terrorists are cyber attackers. Is this the beginning of a trend where corporations are held hostage and then make decisions (in this case the cinemas appear to have overrule the US president’s wishes - where he Obama encouraged people to go to the cinemas) that impact the masses?
“Yes, in this case it’s just a movie, but what about future attacks that have real world motivations? Imagine an airline boss that does or says something that draws the anger of a nation state. Does that mean the airline stops flying all flights indefinitely? Does it cancel all flights because they have been cyber attacked and threatened?”