The Americans, North Koreans and Japanese (Sony) Play a Game of Cyber
What's more, in spite of the increased awareness of cyber warfare, many organizations don't take the proper precautions nor do they employ even the most simple of security procedures. Incredibly, Sony Pictures is so "insecure" it has been hacked 56 times in the last 12 years. The hackers of the "new age" are smarter than ever and wise enough to take advantage of these weaknesses. Moreover, they are continually getting stronger, sharpening their skills and becoming immune to today's security systems.
Even Sony Isn't Immune
The latest act of cyber warfare was "allegedly" perpetrated by North Korea against Sony, supposedly to prevent the distribution of Sony's latest comedy about N. Korea's dictator. The malware used against Sony had what the FBI calls "lines of code" and "data deletion" methods similar to malware "North Korean actors" previously developed. According to inside sources, a stealth "worm" was the cause of the collapse of thousands of Sony's computers and enabled the theft of top secret files including: movies not yet circulated, future screen scripts and sensitive e-mails. The thieves threatened to publish the stolen information and "start a war" if their demands were not met.
The Mandiant Corporation, which was called in to investigate the incident, acknowledged that part of the process included the guessing of employee passwords. This is, no doubt, an indication of the weak password policy enacted by Sony. Kevin Mitnick, one of the most famous hackers in the world, tweeted the other day: "I learned today that the CEO of Sony -- Michael Lynton's domain user password was: sonyml3, "ML" being his initials. How stupid is that?"
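A password assembled from the company name and the user's initials, as in the tweet above, is what a context-aware policy check is meant to reject. The sketch below is an added example, not code from this article, Sony or Mandiant; the function names, thresholds, substitution table and the username `mlynton` are assumptions made for illustration.

```python
import re

# Constructed substitution table for common digit/symbol swaps; not exhaustive.
LEET = str.maketrans("013457@$", "oleastas")

def context_tokens(org, full_name, username):
    """Return (words, initials) that can be derived from public account facts."""
    parts = [p.lower() for p in re.split(r"[^A-Za-z]+", full_name) if p]
    words = {w for w in (org.lower(), username.lower(), *parts) if len(w) >= 3}
    initials = "".join(p[0] for p in parts) if len(parts) >= 2 else ""
    return words, initials

def residue_len(text, tokens):
    """Length of what is left after deleting every context token, longest first."""
    for tok in sorted(tokens, key=len, reverse=True):
        text = text.replace(tok, "")
    return len(text)

def check_password(password, org, full_name, username, min_len=12, min_residue=8):
    """Return a list of violations; an empty list means the password passes."""
    problems = []
    if len(password) < min_len:
        problems.append(f"shorter than {min_len} characters")
    lowered = password.lower()
    forms = (lowered, lowered.translate(LEET))  # as typed, and with swaps undone
    words, initials = context_tokens(org, full_name, username)
    hits = sorted(w for w in words if any(w in f for f in forms))
    if hits:
        problems.append("built on guessable context: " + ", ".join(hits))
        # Initials alone are too short to flag, but they add nothing once a
        # context word is present, so strip them before measuring what is left.
        strip = words | ({initials} if initials else set())
        left = min(residue_len(f, strip) for f in forms)
        if left < min_residue:
            problems.append(f"only {left} characters remain once context is removed")
    return problems

if __name__ == "__main__":
    # Constructed account record; only the password "sonyml3" comes from the article.
    account = dict(org="Sony", full_name="Michael Lynton", username="mlynton")
    for candidate in ("sonyml3", "S0ny!Lynt0n2014", "granite-otter-velvet-drum-91"):
        print(candidate, "->", check_password(candidate, **account) or "accepted")
```

The second candidate passes a length-only rule yet is still rejected, because almost nothing is left once the company and surname are removed.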
In addition to inadequate security protocols, this year Sony laid off a number of employees with critical access to its computer network. All of which points to the need for advanced cyber protection. North Korea is a great scapegoat. But those who understand hacking feel it may be too simple an explanation.
Today's Security Measures are Just Not Enough
The conventional methods of preventing cyber-attacks include a wide range of tools: Anti-Virus, Firewall, IDS and more. All these are static approaches which know how to deal with expected intrusions based upon a clearly defined set of rules; however, they do not know how to prevent unknown mutations which are part and parcel of everyday attacks. To be effective, today's procedures need to be more comprehensive, more ingenious, and most of all more pro-active in order to prevent mutations and breaches before they happen.
New Age Protective Measures
Today's cutting-edge security measures provide a more holistic solution by protecting the different layers of the network, working together across devices and most importantly by using a form of artificial intelligence in order to predict and prevent new threats as they appear.
- Anomaly Detection – Sensors which raise an alarm when they detect behavior which is abnormal. These systems rely upon intricate algorithms set to learn what "normal" behavior is.
- Strong Authentication – In every organization there are accounts which have access to critical documents and files (e.g. Administrator, Root etc.). It's important that these "super users" are doubly protected with systems that provide more control, supervision and better password management for these sensitive accounts.
- Unidirectional Flow – Similar to, but more robust than, the well-known firewalls, these hardware-based systems make sure that information is transmitted in only one direction by breaking the TCP/UDP protocol.
- DoS (Denial of Service) Protection Systems – When network traffic rises above the "normal limit" - networks "crash" (much like cellular networks after an accident or incident). Today's hackers use this to their benefit by loading up the network in order to make it unavailable to users.
Cutting-edge protective measures are trying to change the rules of the game by providing protection based both on hindsight and on proactive measures which can predict or guess possible future threats. It is important to note that implementing a single solution is not enough. In order to ensure the highest levels of security an organization must implement multi-layer solutions. This strategy will guarantee that if one measure is compromised, other measures will provide backup. New security measures are not meant to replace conventional measures, but to complement them.
The First Shot Has Been Fired
There are many grave implications of the official FBI release about the cyber-attack on Sony. First off, this is the first time a country has openly pointed a finger at another country and blamed it for conducting an act of cyber terrorism. Moreover, let us not forget that President Obama himself has said that the US reserves the right to retaliate in a manner deemed appropriate. He likened the cyber-attack to 9-11. While no loss of life was involved, a company's security and private files were, and hackers "took hostage" the business dealings of a leading American corporation. For those of us reading between the lines, this may be the first shot of the World War Cyber.
Time for Revenge?
During the past few days, North Korea has found itself under cyber-attack. The internet connections across the country are crashing intermittently. Could this be retaliation? We can't be sure.
For its part, North Korea's government says it was framed. Take that for what you will.