Following news last week that Sony has scrapped the theatrical release of comedy The Interview after threats from cyber hackers drove a number of US Cinema chains to say they would not screen the film, cyber security experts warn that withdrawing the movie could inspire further attacks on other companies.
The Financial Times (FT) reports that the decision to cancel the release of The Interview shows the impact that cyber security threats can have and may inspire copycats to target other companies all over the world. Although the identity of the hackers is still not known, North Korea accused the US of sponsoring terorism in a letter to the UN in the summer because the film depicts a farcical assassination attempt on North Korean Leader, Kim Jong Un. US President Barack Obama has since caused furter tension with North Korea by blaming Pyongyang for the cyber threats. North Koreas's National Defence Comission said that they are ready to use many types of warfare against the US.
According to Stuart McClure (founder and chief of cyber security company, Cylance) the decision to cancel the movie release is giving into terrorism. “This is 100 per cent cyber terrorism, we’ve never seen the likes of this,” he told the FT. The pressure is building on Sony to tighten their cyber security defences and according to McClure Sony was “horribly, horrifically unprepared” for this attack.
Marc Maiffret (CTO of security company BeyondTrust) told the FT that whether or not the attack was committed by North Korean hackers, it could be copied by groups that intentionally try to disrupt companies. According to an analyst at Wells Fargo, the attack on Sony shows that Hollywood Studios aren’t investing enough money in cyber security compared with the risk they face. Cyber security industry specialist Gary Powell told the FT that he believes the cyber security attacks would encourage board level executives to change their thinking towards security spending.
The Wall Street Journal reports that 2014 should have taught corporations that there is a shortage of talent to deal with cyber threats and managing the fallout from security breaches. Recent security breaches have highlighted the challenge for corporations to handle attacks. Home Depot Inc and Target Corp both reported data theft of consumers in 2013 and 2014. This is also not the first time Sony has been targeted by cyber-attacks, in 2011 more than 100m customer records from its PlayStation network were compromised by hackers.
John Theobald, Chief Information Security Officer at NTT Com Security said: “The noise from the media continues with high profile security incidents in 2014 – some repeat offenders, this is not expected to change in 2015 and beyond. This will in effect redefine risk appetites as in the future it might be acceptable to suffer any kind of incident, as it is inevitable and incident management will be redefined as loss mitigation strategies. There is also the possibility that we will see more activity as wannabe criminals realise how easy it is to defraud and cause havoc.”
By Nicole Miskelly, bobsguide Lead Journalist