Sony Pictures Entertainment had to go back in time after a massive cyberattack crippled its email system, cutting out modern technology and
using old-school tactics to communicate and function.
Employees at Sony Pictures received vague threats
from hackers in November that demanded money and included ambiguous
instructions to "obey," but it wasn't until Sony's computer system was
breached that it became clear that the hackers weren't simply taking the
company's data; they were destroying it.
See also: Report: U.S. officials think North Korea hired foreign hackers to attack Sony
Michael Lynton, the CEO of Sony Entertainment, detailed how the company responded in the wake of the debilitating attack. He told The Wall Street Journal and the New York Times that Sony implemented a "phone tree,"
or updates relayed from person to person via mobile device, and used
employees' personal Gmail accounts, notepads and a cache of old
BlackBerry devices.
Yes, BlackBerrys.
The devices were found
in a basement at Sony's California headquarters, and were ideal because
emails on the BlackBerrys were sent and received using separate
servers.
Since direct deposit is also electronic, Sony administrators
unearthed and began using old machines used to cut physical checks to
pay employees. Sony estimates that it will take at least five to seven
weeks to get the company's internal technology back to normal, according
to the Times.
It wasn't immediately evident from the getgo that this would go down as what some call the biggest corporate hack
in history. Sony's initial statements were vague; it said the company
was looking into an "IT issue." Emails sent to Sony Pictures employees
were met with automated responses that stated their system was
"currently experiencing a disruption."
“It took me 24 or 36 hours to fully understand this was not something
something we were going to be able to recover from in the next week or
two,” Lynton told The Wall Street Journal.
In the following weeks, private email exchanges among top executives
were leaked, as well as the personal information of thousands of
employees (including social security numbers).
The FBI linked the cyberattack to North Korea, reasoning that the hack was the country's response to The Interview, the U.S. movie that depicted an assassination attempt against North Korean leader Kim Jong-un. The hackers threatened violence upon movie theaters that showed The Interview. Top theater chains — and eventually Sony — decided to pull the movie.
In addition to the Sony fallout, tensions between the U.S. and North
Korea have escalated greatly. Pyongyang has denied involvement in the
Sony attack, but threatened a "counteraction" plan against the U.S., alluding to attacks against the White House and Pentagon.
Sony was criticized after pulling The Interview; the company released a statement saying there were no plans for the movie's release. Lynton went on the defense,
appearing on networks like CNN to say that Sony had not caved to
threats and that the company was seeking out ways to release the movie.
Then, after President Barack Obama publicly said he thought Sony's decision was "a mistake," Sony formed a different plan: The Interview would be released online and in a slew of independent theaters nationwide.
There is still some disagreement as to where the responsibility for the cyberattack lies. The FBI stands by its North Korea accusations, telling Mashable this week that there is "no credible information to indicate any other individual is responsible for this cyber incident."
Other cybersecurity firms point to disgruntled former Sony employees (one possibly named "Lena") or to Russia.
But hackers allegedly stole 100TB of data, so what we've seen may only be a tiny piece of a much more massive puzzle.
using old-school tactics to communicate and function.
Employees at Sony Pictures received vague threats
from hackers in November that demanded money and included ambiguous
instructions to "obey," but it wasn't until Sony's computer system was
breached that it became clear that the hackers weren't simply taking the
company's data; they were destroying it.
See also: Report: U.S. officials think North Korea hired foreign hackers to attack Sony
Michael Lynton, the CEO of Sony Entertainment, detailed how the company responded in the wake of the debilitating attack. He told The Wall Street Journal and the New York Times that Sony implemented a "phone tree,"or updates relayed from person to person via mobile device, and used
employees' personal Gmail accounts, notepads and a cache of old
BlackBerry devices.
Yes, BlackBerrys.
The devices were found
in a basement at Sony's California headquarters, and were ideal because
emails on the BlackBerrys were sent and received using separate
servers.
Since direct deposit is also electronic, Sony administrators
unearthed and began using old machines used to cut physical checks to
pay employees. Sony estimates that it will take at least five to seven
weeks to get the company's internal technology back to normal, according
to the Times.
It wasn't immediately evident from the getgo that this would go down as what some call the biggest corporate hack
in history. Sony's initial statements were vague; it said the company
was looking into an "IT issue." Emails sent to Sony Pictures employees
were met with automated responses that stated their system was
"currently experiencing a disruption."
“It took me 24 or 36 hours to fully understand this was not something
we were going to be able to recover from in the next week or two,”“It took me 24 or 36 hours to fully understand this was not
something we were going to be able to recover from in the next week or
two,” Lynton told The Wall Street Journal.
In the following weeks, private email exchanges among top executives
were leaked, as well as the personal information of thousands of
employees (including social security numbers).
The FBI linked the cyberattack to North Korea, reasoning that the hack was the country's response to The Interview, the U.S. movie that depicted an assassination attempt against North Korean leader Kim Jong-un. The hackers threatened violence upon movie theaters that showed The Interview. Top theater chains — and eventually Sony — decided to pull the movie.
In addition to the Sony fallout, tensions between the U.S. and North
Korea have escalated greatly. Pyongyang has denied involvement in the
Sony attack, but threatened a "counteraction" plan against the U.S., alluding to attacks against the White House and Pentagon.
Sony was criticized after pulling The Interview; the company released a statement saying there were no plans for the movie's release. Lynton went on the defense,
appearing on networks like CNN to say that Sony had not caved to
threats and that the company was seeking out ways to release the movie.
Then, after President Barack Obama publicly said he thought Sony's decision was "a mistake," Sony formed a different plan: The Interview would be released online and in a slew of independent theaters nationwide.
There is still some disagreement as to where the responsibility for the cyberattack lies. The FBI stands by its North Korea accusations, telling Mashable this week that there is "no credible information to indicate any other individual is responsible for this cyber incident."
Other cybersecurity firms point to disgruntled former Sony employees (one possibly named "Lena") or to Russia.
But hackers allegedly stole 100TB of data, so what we've seen may only be a tiny piece of a much more massive puzzle.
No comments:
Post a Comment