The recent cyber-attack on Sony Pictures, which the U.S. federal government says was committed by North Korea, may be the catalyst for changing perspectives regarding cyber-security in 2015.
Security experts investigating the hack against Sony Pictures appear to be moving away from the theory that the attack was carried out by North Korea, and instead now believe it may be the work of disgruntled former employees—or at least former employees were somehow involved. Arguing that accessing and navigating selective information would take a detailed knowledge of Sony’s IT systems, researchers at Norse cyber-security now claim six former employees could have compromised the company’s networks, according to an article on The Guardian.
While Norse is not part of the official FBI investigation, company representatives did brief the U.S. government earlier this week, company officials report. Although they did note the findings are “hardly conclusive,” Norse senior vice president Kurt Stammberger told the Security Ledger that nine researchers had begun to explore the theory that an insider with motive against Sony would be best placed to execute a hack, the Guardian article reports.
The team had started by examining a leaked database of Sony employees made redundant during a restructuring in May, the article notes. Of six people Norse claim had involvement with the hack, one was a former staffer made redundant in May after 10 years with Sony. She had a very technical background and had used social media to berate the company after losing her job, which fits the pure revenge motivation, the Guardian article reports.
That possibility reminds me of a report earlier this fall, in which the Department of Homeland Security (DHS) and the FBI jointly announced they have seen an increasing exploitation of business networks and servers by disgruntled and/or former employees. Some of these cases have resulted in significant FBI investigations in which individuals used their access to destroy data, steal proprietary software, obtain customer information, purchase unauthorized goods and services using customer accounts, and gain a competitive edge at a new company.
Regardless of who perpetrated the cyber-attack at Sony, the attack does cast a light on what may be a glaring deficiency at some companies. Production and distribution in the supply chain now encompasses a firm’s value chain proposition. Inbound and outbound logistics, along with operations and marketing/sales and service, are seen as critical factors that can drive competitive advantage. Consequently, the supply chain is at risk for cyber-attacks at numerous points of contact—including manufacturers, suppliers, transporters, retailers, distributors and even customers.
That, in turn, means finding innovative ways to ensure consumer and corporate privacy through fraud detection and intellectual property protection is critical amidst increasingly complex supply chain designs, writes Drew Smith, founder & CEO of InfoArmor, on SupplyChainBrain. For starters, supply chain firms should conduct a gap assessment across the organizational chain ecosystem and identify ways to remediate potential threats, writes Smith. Security auditing and real-time monitoring are requisite steps for companies with several key measures, he continues.
Firms also should enlist a third-party expert to conduct the audit, or even better, partner with a company that will perform an evaluation of the supply chain’s posture with on-going monitoring, Smith writes. Additionally, a company should have a security framework (for example ISO 27001), he continues, along with an individual such as a CSO, CTO, CEO or data steward who is responsible for management, strategy and responsive action.
What are your thoughts on the growing risk of cyber-attack? Secondly, does your company have a C-level executive specifically tasked with cyber-security?