Sony's cyber-mess

ATN-300InsightaaS: There are some connections in life that just don't work as well as you might hope. When I was younger, I knew that Arizona seemed to elect odd governors; as an adult, I've seen that Toronto has the same issue with mayors

Sony Corp. appears to have the same kind of issue with cybersecurity that citizens in Arizona and Toronto have had with elected officials: all too often, new years and situations devolve into disaster. The great Information is Beautiful World's Biggest Data Breaches graphic lists Sony three times within a year in 2011, with hacks affecting 77 million, 24.6 million and one million customers. And the recent news of yet another Sony breach - this one with bizarre overtones of North Korean government involvement - adds another chapter to Sony's cyber-fails (and come next year, will provide the basis for a new entry in Information is Beautiful's interactive history).

Rather than highlight a single post, I thought I'd provide linkages to three different commentaries. The first, from The Verge, is entitled "Sony Pictures hackers say they want 'equality,' worked with staff to break in." It notes that the hackers state that they will "release Sony's 'secrets and top secrets'" if Sony failed to comply with the hackers' demands.

The second piece, carried on Sophos' Naked Security site, reports that "'Annie', 'Fury', other Sony blockbuster movies pirated after network attack." It reports that five Sony movies have been released to pirate sites, with one - World War II drama Fury - downloaded well over one million times. This piece also explores the notion that North Korea may be behind the attack.

The third post, from the influential blogsite Krebs on Security, adds more information. Entitled "Sony Breach May Have Exposed Employee Healthcare, Salary Data," it reports online trading of a number of sensitive files, including "the name, location, employee ID, network username, base salary and date of birth for more than 6,800 individuals," "a status report from April 2014 listing the names, dates of birth, SSNs and health savings account data on more than 700 Sony employees" and a file based on an internal audit that "includes screen shots of dozens of employee federal tax records and other compensation data."

Is Sony alone in this exposure? Certainly not - an expert interviewed on 60 Minutes claimed that "97 percent" of businesses have been breached. Like Rob Ford and Evan Mecham, though, Sony does have a knack for generating unfavourable headlines when it is the target...