What Does Sony Breach?

The recent years there has been many breaches in organizations throughout the globe. These attacks have had terrible outcomes and have cause Havoc on several companies because of the security that they had were vulnerable to external attacks. Many applications and software programs were infected. These attacks all occurred over the internet. As the internet keeps growing it is harder than ever to track down were the attacks generate from (location) that is. Because of these protocols, the security breaches still are occurring and difficult to eliminate and design a cure for them as they change as frequently as technology does. Because of the ease of the attacks, user simply click on a link and the attack is executed. Because of the recent

Despite the presence of network security devices such as firewalls and other security appliances, today's corporate networks are still vulnerable to both internal and external attacks by hackers intent on creating havoc. By proactively

This case study, written in 2009 is not the only case where a major data breach has occurred within organizations. In the late 2011 Sony’s PlayStation Network (PSN) was breached impacting up to 77 million user’s accounts including data on names, address and possibly credit card details. In late 2013 Target had a cyber-attack that compromised a large quantity of its data and had 110 million accounts compromised. Finally in September 2014 Apple had their iCloud server breached by hacking that compromised all the users of the online server. These occurrences still have some unanswered questions and several experts have yet to decipher the actual reason as to why the security breach occurred.

The Sony was hacked in November 2014 by the group calling itself GOP or Guardians of Peace. With the disturbing images and threats displayed on the monitors and that was painful for Sony Entertainment. The routine work collapsed as server was down and in IT system all data wiped (Lavasoft, 2011). As per management information 100 terabytes of data released on internet which includes, employee personal information, salaries, emails, and social security numbers. The message delivered to Sony that, we have taken all your secret and important data (SANS, 2015). However, Sony has significant importance on the maintenance and development of business continuity plan and which is detection and prevention of disaster. Furthermore, business

In late 2013, news headlines and social media outlets were reeling with the news that Target encountered a cyber-attack that breached the credit card accounts of millions of customers who shopped within the brick and mortar stores during the holiday shopping season. Hackers not only gained access to credit cards numbers, but also other personal data such as email addresses and names (Kinicki & Williams, 2016, p.38). The Target case study explores the dilemma that Target CEO Gregg Steinhafel faced with how to rebound from the very damaging breach. Against the advance of top advisors to Mr. Steinhafel opted for full disclosure to the public. Though a very risky choice, Mr. Steinhafel made a very appropriate decision from a business perspective,

Computers have become part of our daily complex lives; we depend heavily on computers to help break our complicated lives down. Most people now prefer to do things the digital way and so does companies. Most of trading (buying and selling) is now online which requires computers. In order to satisfy our hunger for digital living, there is a need for technology called the operating system to carry out the activities we require our computers to do. Computers and technology come in different forms and sizes and due to the capitalistic nature of our economy everyone is allowed to come up with their own form of computer and even the technology to run it. In recent years’ companies have gained interest doing business digitally and since software have become easier to write or code, it is also vulnerable- easy for programmers to access and exploit called hacking. Hackers are unapproved clients who break into a technological framework, change or decimate data, frequently by introducing hazardous malware without the insight and assent of the host company. Companies are now at risk of losing much more than money by doing business the digital way. It is in this view that the Security Exchange

The change the Artic will have an impact on the earth. Temperatures in the Arctic are rising at twice the rate of the rest of the world on average, and melting glaciers and land-based ice sheets are contributing to rising sea levels. Rising ocean temperatures are affecting ocean ecosystems. In turn having an affect on the communities and economies that depend on them. The changing Arctic could lead to global changes in ocean-based food security that will place additional burdens on economies, societies, and institutions around the world.

TGT’s public announcement of data breach disclosed that “approximately 40 million credit and debit card accounts may” were potentially compromised (Target, 2013). This came weeks after the breach, and a day after the company was out-ed on technology security blog (Krebs, B. 2013). The event’s high-impact (on stakeholder emotions and finances) demanded an immediate response. TGT failed to notify the public immediately and did not provide consistent and adequate communications.

According to lecture note and presentation from Dr. Tamir Bechor on October 21, 2016, “advanced persistent threat: (i) pursues its objectives repeatedly over an extended period of time; (ii) adapts to defenders’ efforts to resist it; and (iii) is determined to maintain the level of interaction needed to execute its objectives.” (Bechor, 2016) These objectives include building and strengthening its harmful system within an organization infrastructure in order to disrupt activities, obstruct normal operations, and extract sensitive information. Hence, this paper will clarify how advanced persistent threats (APTs) were achieved in the Sony Picture Entertainment (SPE) breach. In addition, examine the characteristics of the SPE threat level and adversary level relating to the threat actors’ capabilities, intent, and targets. Moreover, review why SPE previous security vulnerabilities and weaknesses or significant investments didn’t benefit to detect or prevent this breach. (Bechor, 2016)

We have direct approach, dumpster diving, spying and eavesdropping, technical expert, support staff and the voice of authority (Gulati, p.3). The direct approach involves carelessness in security issues, which is when an employee forgets their pass card in a building and an attacker gets access to the pass card. For an intruder, this is the first step in access information (Gulati, p.3). Physical access to a company provides a good platform for hacking. On the other hand, dumpster diving is the disposing items of that the company deemed outdated or out of use, which contains personal identification information it becomes easy for a perpetrator to access that information. The information of the thrash items may include the policy and procedures of a company and the hacker may use this information in order to convince the victim about his/her authority or authenticity (Gulati, p.5). Spying and eavesdropping involves getting access to ID and passwords through observations or eavesdropping. The contact details may be accessed through written documents, phone call and observing a user

Throughout the years, the world has been utilizing computers more and more each day. With computers being used more, there are more potential threats to the users. Computers have such an intricate and vast network all over the world. Computers are linked to the internet, which is used almost everywhere in the world now. The internet is utilized for many different things with good and bad intentions. With the bad intentions amongst the internet, cybersecurity starts to become a problem. With the improvement in cybersecurity, businesses and the people of the internet will be much safer than they are currently. Software will be better, copy protected, and small businesses in the software field can be saved.

To secure the data of customers and software information of the firm, Sony group privacy policy is used by Sony Corporation. In this, to win confidence and trust of the customers, appropriate use and security control tools are focused by the firm under this security policy. Management of the firm believes to give priority to the protection of personal information of the customers and limits the use of it for vague purposes. Additionally, Sony Global Information Security Policy and related rules & standards are also implemented by the firm to ensure the security of data and information at the workplace (Computer Security Division, 2009).

Almost all kind of large and small organizations might face increasing number of attacks into their network or intellectual property. This may lead to data disclosure, data destruction, and damage of organization’s reputation. There are numerous threats in the cyber space which might be capable of stealing, destroying or making use of out sensitive data for financial and non-financial gains. As the amount of computer, mobile and internet users increases, so does the number of exploiters.

Security Breaches: Intelligent hackers adapt to changes quickly. Stay ahead by installing the basics on company computers. Basics include anti-virus software, firewalls, and secondary virus software.

Organizations must provide mandatory cybersecurity training to prevent instances of hacking and cyberattacks. This can result in a loss of profits due to network damage and fraud caused by the stealing of assets by unauthorized persons. Traditionally, Information Technology (IT) departments have been responsible of maintaining an organization’s computer networks. Cybersecurity measures are implemented by this department to ensure that both hardware and software are safe and secure to eliminate potential risks through mitigation strategies. Employees from other departments within the organization must be included in cybersecurity initiatives because of the growing use of the Internet in the global economy. This is necessary because