Do you think that Sonys response to the attack was appropriate? Why or why not? What might
Question:
- Do you think that Sony’s response to the attack was appropriate? Why or why not?
- What might Sony and the U.S. government done differently to discourage future such attacks on other U.S. organizations?
- Are there measures that organizations and the U.S. government can take together to prevent both real-world terrorist violence and cyberattacks?
Sony’s Response to North Korea’s Cyberattack
On November 24, 2014, employees of Sony Pictures Entertainment booted up their computers to find an image of a skull along with a message from a group calling itself the Guardians of Peace. The message read: “We’ve already warned you and this is just the beginning. We’ve obtained all your internal data including your secrets and top secrets [which will be released] if you don’t obey us.” As Sony would eventually discover, the hackers had stolen reams of sensitive data, including the Social Security numbers of 47,000 current and former employees, system passwords, salary lists, contracts, and even copies of some Sony employees’ passports. The hackers accessed hundreds of Outlook mailboxes as well as Sony IT audit documents. They also stole media files and placed pirated copies of five of Sony’s movies on illegal file-sharing servers. Sony was forced to completely shut down its information systems in an attempt to stem the data breach. Ultimately, Sony would determine that the damage done by the hackers was far more extensive than it first believed. Not only had data been stolen, but 75 percent of the company’s servers had been destroyed and several internal data centers had been wiped clean. Contacted within hours of the event, the FBI soon identified the culprit. In June, several months before the hack, North Korea’s Ministry of Foreign Affairs had declared that it would take “a decisive and merciless countermeasure” if the U.S. government did not prevent the planned release of Sony’s motion picture The Interview, which features two reporters who venture to North Korea to interview and assassinate the country’s dictator, Kim Jong-un. In the film, the main character, initially won over by the dictator’s apparent kindness, discovers that the tyrant is lying about the country’s prosperity and freedoms. The plot, along with the movie’s unflattering portrayal of the dictator as ruthless and childish, had caught the attention of the North Korean government. The U.S. government disclosed that it had proof that the North Koreans had made good on their threat. The U.S. National Security Agency (NSA) had reportedly penetrated the North Korean cyberwarfare unit four years prior to the attack and had been monitoring its capabilities since then. After Sony alerted the FBI of the attack, the NSA was able to trace the attack back to North Korea, using a digital fingerprint the hackers had left in the malware. Several weeks after the attack, FBI Director James Comey, revealed in a speech that the Sony hackers had been sloppy. “We could see that the IP [Internet protocol] addresses that were being used to post and to send the emails were coming from IPs that were exclusively used by the North Koreans.” The hackers warned Sony not to release The Interview, and then on December 16, the group issued a message threatening large terrorist attacks on theaters that showed the film. The National Organization of Theatre Owners contacted the Department of Homeland Security for information and advice. The FBI and NSA released a bulletin explaining that they had no credible information about a plan to attack theaters, but they could neither confirm nor deny whether the hackers had the ability to launch such an attack. Shortly after the bulletin was released, the four largest U.S. theater chains withdrew their requests to show the movie—Carmike Cinemas first, followed by Regal Entertainment, AMC Entertainment, and Cinemark. Within hours, Sony announced that it had canceled the film’s release. White House officials, Hollywood personalities, and the media were aghast. Comedian Jimmy Kimmel tweeted that the decision by the major theater chains to refuse to screen The Interview was “an un-American act of cowardice that validates terrorist actions and sets a terrifying precedent.”
Step by Step Answer:
Principles of Information Systems
ISBN: 978-1305971776
13th edition
Authors: Ralph Stair, George Reynolds