Free «Sony Pictures Entertainment Hack » Essay

Although the Sony Pictures Entertainment Hack was an example of a well-planned hacking activity, if several security measures were effectively adopted, the scenario could have been prevented and the company could not have experienced the huge losses. However, following the hacking, what is needed in the present world is a renewed commitment to data security because at the time of the occurrence of the hacking activity, there was some level of negligence on the company staff. This was clear especially considering they had just suffered another cyber-attack on their games and had worked tirelessly to gain their clients’ trust back. This essay, therefore, gives some of the solutions that can be implemented by any organization to prevent possible network breach or attack.

One of the approaches that can be undertaken to avoid possible network breach, which has often been adopted by many organizations involved in large data storage and could work to Sony’s advantage, is intrusion detection systems and processes. These processes are usually effective because they monitor computer activities and are capable of analyzing and alerting in cases of any possible intrusion. Besides, the specific system administrator in charge at the moment can determine the corrective measure (Debar 3). Evidently, for the alleged 100 terabytes of data to be stolen by GOP, a large amount of traffic could have been generated, and the intrusion detection system could have detected it (Grisham). If everything was been in place, Sony would only need to find a fraction of the stolen data and immediately become aware that their network was under attack and its sensitive information was being stolen.

On the other hand, another very important step that Sony should undertake to prevent network data breach or attack is to have enhanced levels of data protection and encryption techniques (Debar 10). Importantly, the company should perform data assessment of the identity of major sensitive information. In the case of Sony, this means having an identification of information such as the social security numbers, passwords, usernames and emails that can offer additional defense mechanism for all their systems in case of breach. Additionally, the ability to incorporate encryptions on the above sensitive information could significantly make it difficult for an individual to upload information on the internet.

Moreover, according to the report about the attacks on Sony, the so-called wiper malware played an important role in the expensive cyber-attack because it deleted all the information from the victim’s and the company’ computers. Wiper malware is usually very destructive, and it is important that there is early detection in order to prevent huge data losses (Anderson 529). In the given case, the GOP used malware to delete important contents from hundreds of computers and, as a result, made them unusable. Therefore, the appropriate management strategy for this would be to apply effective malware detection as well as the defense system as this could greatly help in preventing the spread of the wiper malware. To an extent, security is not always guaranteed when signature-based detection systems are the only ones used to filter or identify malicious contents before their delivery to the endpoint user. Thus, the reason of this is that they only detect what is already known. For the multinational computer and software companies like Sony, the use of network-based anti-malware systems could be more efficient because they can show abnormalities within the system’s infrastructure. Following the wiping of tremendous amounts of data, it was evident that for each day that the company was offline, it cost them money and time. Thus, as an alternative, it is important for such multinational companies to have a malware-free backup.

Sony similarly suffered attack due to unauthorized access and misuse of administrative privileges. It is important to mention that for international hackers such as GOP, even compromising of a single administrative can result in network security breach. In the case of Sony, according to investigations, it became evident that not only did the hackers infiltrate their network, but they also had a legitimate credential and username, thus, increasing their abilities to spread the malware to other computers (Robb). It would have been recommended that for the Sony cooperation to have multifactor authentication procedures to grant administrative access and prevent the attacks and data breach. Multi-factor authentication can include the adoption of techniques such as biometric systems and a one-time password that after being used cannot be re-used.

For performing the attack, obviously, the hackers took their time planning and breaching the company’s servers. As it was noted by the company’s executives, minimal login activities and analysis into the servers allowed the attackers to hide the malicious software on Sony’s main computers. Sony could have detected early enough if there was any breach by looking keenly into the activities that tend to deviate from their routine baselines. As a solution to the above scenario, it is often advised to take the analysis of the audit logs, frequent maintenance and monitoring of the system. A security incident and Event management tool can be used in this case to devise common events while the uncommon are detected as false positive, and the appropriate measures were taken in time (Cheswick et al. 25). On the other hand, because of minimal expectation that the company could be hit by such level attacks, it may be concluded that minimal external and the regular internal test had been conducted to determine the overall vulnerability.

The last approach that could have been taken to prevent possible network breach or attack would be for the organization to have strict data policies in place. After the establishment of the data policies, it is important that staff is properly educated on the security. These policies include the importance of adhering the established security needs as well as to determine who has the right to have the information, access it, where and when it can be accessed.