Ad Image

Identity and Access Management and the Sony Hack Attack

Identity and Access Management and the Sony Hack Attack

Identity and Access Management and the Sony Hack AttackThe hack attack experienced by Sony has made lots of news recently, and it should highlight for all companies their vulnerability to data breach. How the company was breached should be particularly enlightening.

CBS news reported that “Law enforcement sources said North Korea hacked into the Sony network by stealing the login credentials of one of the company’s computer system administrators.” That one set of credentials could be used to access anything within Sony’s corporate network. Once inside, the hackers were able to do all sorts of nasty stuff, such as erase hard drives, steal data, and reveal embarrassing communications between and other information about both Sony executives and employees. The Wall Street Journal’s Bruce Schneier in an opinion piece said that “the press may not have divulged this information, but their friends and relatives peeked at it,” and as a result, “hundreds of personal tragedies must be unfolding right now.” Even worse, the hacker group claiming responsibility, “Guardians of Peace,” are using the stolen employee data to blackmail, threaten and harrass regular employees, according to Pierluigi Paganini, author of a piece on the attack at the InfoSec Institute.

At its core, the Sony hack was an identity and access management failure. I would also argue that it is a business management failure. Sony reportedly made a business decision to accept the risk of data breach rather than pay for better security. Schneier said the following:

Sony clearly failed here. Its security turned out to be subpar. They didn’t have to leave so much information exposed. And they didn’t have to be so slow detecting the breach, giving the attackers free rein to wander about and take so much stuff.”

To be fair, the same article admits that the determined hacker with good technical skills will get through no matter almost what you do, but there are still ways to detect intrusion more quickly and limit the damage. A good IAM solution would have limited the access that the stolen credentials had across the company in the first place, thereby limiting the damage or forcing the hackers to work a lot harder to get the data. Schneier says that as a result, you need to take this security stuff a lot more seriously than you may have previously. That means spending money on protecting yourself, unlike Sony.

To take a look at top Identity and Access Management  providers, check out our 2015 IAM Buyers Guide here.

Share This

Related Posts