The recent cyberattack on Sony Pictures has been definitively linked to the government of North Korea, presumably in response to Sony’s upcoming release of the comedy The Interview. The US government said that North Korea was “centrally involved” in the attack, which has resulted in the leakage of several pre-release films, lots of embarrassing emails, and a variety of other content that Sony Pictures would rather not have had released – in total, up to 100 terabytes of data. North Korea upped the stakes following this cyberattack, threatening to create what amounted to another 9/11 if theatres showed the film. Clearly, Kim Jong-un does not have a sense of humor (or a good hair stylist).
The most recent result of this cyberattack, other than lots of apologies and hand-wringing from Sony executives, was the announcement by several major US theatre chains that they would not show The Interview, followed shortly thereafter by Sony’s cancellation of the $42 million film.
An attack on any major company is bad enough, even if the primary result is the cancellation of something as innocuous as a film. But what if North Korea had decided its target was the IT infrastructure of a major US utility, including its nuclear facilities? Black & Veatch published a report this year indicating that fewer than one-third of the electric utilities it surveyed have appropriate security systems with the “proper segmentation, monitoring and redundancies” necessary to deal with cybersecurity threats. How about if North Korea had decided to attack a major hospital network? One of the largest US hospital groups, Community Health Systems, was the victim of a Chinese cyberattack earlier this year, resulting in “only” the loss of data on 4.5 million patients. What about a North Korean cyberattack on the military? An investigation by the US Senate revealed that there were 50 successful hacking attempts against the US Transportation Command between May 2012 and May 2013. Serious and debilitating cyberattacks on utilities, healthcare providers and the military could make us long for “the good old days” when the result of a cyberattack was just the cancellation of a film.
What if it was your company? Have you taken precautions to prevent ransomware from infecting your users? 500,000 victims of Cryptolocker weren’t so lucky. Are your users trained to detect phishing attempts and take appropriate action when they encounter them? Is your security infrastructure sufficient to detect and weed out malware, phishing attempts and other threats that could make you a Sony-like victim? Is your vendor’s threat intelligence protecting your organization sufficiently?
We have done a lot of research on security issues and will be launching another major survey just after the first of the year to find out just how prepared organizations really are.