Malicious software has been at the heart of cyber attacks for many years, however, the FBI is claiming that now more than ever, it’s imperative to keep a watchful eye out for such software. The Sony Pictures hack that took place this past Thanksgiving (2014) week involved the stealing of 11,000 GB of data.
Sony Hack | FBI Warning
Malicious software has been at the heart of cyber attacks for many years. However, the FBI is claiming that now more than ever, it’s imperative to keep a watchful eye out for such software. The Sony Pictures hack that took place this past Thanksgiving (2014) week involved the stealing of 11,000 GB of data, some of which included passport and visa information of actors and film crew staff.
A group going by the name #GOP claims it is responsible for the hack and says it has “obtained Sony Pictures’ internal data, including its “secrets,” and said it would release the data to the public if its demands were not met.” As of now, there is no clear indication as to what the demands are.
This is not Sony’s first embarrassing security breach. This year alone it has been alleged that user logins were hacked and that regular Sony services were made temporarily unavailable due to a DDoS attack.
The chief cyber security officer at Trend Micro Inc. says he “believe[s] the coordinated cyber attack with destructive payloads against a corporation in the U.S. represents a watershed event.”
The FBI warning has been released in the form of a five-page confidential letter. The warning was distributed to certain private companies who are believed to be vulnerable to the same malware that was used within the Sony hack, however, Sony is not mentioned in the warning. The malicious software is explained and tips are provided to help ensure companies know how to properly respond in the event the malware affects their networks and databases.
It seems that malicious software is becoming more prevalent, and an undeniable primary influencer has been the Internet of Things (IoT). With billions of devices connected to the Internet, it becomes much easier for hackers to acquire private information. It’s because of this that all enterprises — regardless of size — should create and implement an effective IoT security plan.
Although the details of the FBI’s ‘flash’ warning have not been revealed to the public, it’s safe to assume that the gist of the letter explains how to ensure network security through CISA audits. This includes making sure all devices are authorized to connect to enterprise networks, and network checkups are performed on a daily basis. Devices also need password and PIN protection, with traffic being continually monitored on such devices when connected to company networks.
In addition to CISA audits, mobile device management solutions should be installed on all network-connected devices. For devices that don’t have a management app/software downloaded, they should not be allowed to connect to enterprise networks. Management software ensures that security updates are performed regularly, and vulnerabilities can be pinpointed and addressed in a timely fashion, which helps deter hacks and the downloading of malicious software.
Sony makes it clear to see that even some of the biggest corporations are vulnerable to hacking. Somewhere along the line, though, Sony’s IT staff didn’t effectively monitor its IT and network processes, thus enabling hackers the opportunity to steal data. Although no enterprise is completely safe from the IoT, there are precautions that should be taken, with one of the most pertinent being to conduct CISA audits regularly.
A certified information systems (IS) auditor from ExterNetworks can provide you with an objective assessment and recommendation of how your network framework should be altered to ensure IT governance and control. And best of all, the audit assessment is free with no obligation to purchase services.
Subscribe to our Newsletter
Get the latest content from our Managed Services Blog.[contact-form-7 id="686" title="Sidebar Subscribe form"]