Lesson Learned from the Hack of the Century

With large and medium enterprises equally at risk of being hacked by outsiders, leaders are forced to join and scratch their heads and figure out what is to be done.

There is no denying that security lies at the heart of an organization whether a large business enterprise or a small coffee shop. Organizations now carefully calculate the amount of risk they can take. They put on their thinking caps to figure out all the methods they require in order to keep a check on intrusion along with diminishing and detecting the after effects of a security incident. Just as security lies at the heart of your organization, it lies at the core of Dezine Geek’s services particularly the cloud security services. We understand the importance it holds for your organization. Dezine Geek offers its clients with a fool proof cloud strategy that consists of the latest tools and processes to cater to the open risk of security breach becoming more and more stronger these days.

Fortune magazine labeled the hack attack on Sony as the “Hack of the Century” in an article that was published recently. This well written article gave deep insight into the hack incident of Sony with great details about the events that led to such devastation. 

How did hacker manage to get access to Sony (such a large organization!) in the first place? They did it so through spear phishing that consists of fooling the employee into clicking an email attachment or a nasty link to a website. As soon as they accessed into the company, they freely roamed about the organization’s data base since it lacked security controls like multi-factor authentication. After weeks, the hacker started getting away with pieces of their data and adversely affected their host machines across the entire company using a malware strain known as igfxtrayex.exe. What’s alarming is that the company’s antivirus software was so inefficient that the malware went undetected. As soon as it was installed, the malware manifested its wrath on the company by displaying a red skeletal image and doing the damage it intended to by murdering the affected host in just 2 hours.

(you can display that red skeletal image here. It’s there in the link above)

Let us enlighten you with just few effects of this deadly cyber-attack…

  • The data was stolen before being deleted which consisted of confidential email, salary lists, movie scripts and above 47000 SSNs.
  • Completely wiping out the hard disks on 837 of 1555 global servers and 3262 of 6797 global PCs.
  • Loss of $41 million was reported by March 2015 that excluded the IT repairs and litigation, breach investigation expenses and lost movie revenue. The company has also been known to have lost $177 million in the year 2011 because of the incident of PlayStation  Network hack.
  • Manual processes like paying 7000 employees on paper check had to be employed.
  • The machines were made dead by deleting algorithm that overwrote data in 7 different ways after which it eliminated the startup software of the machine.
  • Outage was experienced by half of Sony’s global network.
  • Apart from other things, it immensely damaged the reputation of such a large organization with criticisms showered on the company by many known sources.

The crucial question now is what should companies do? No matter how much Sony may insist that the cyber-attack was unmatched, unparalleled and too extraordinary for them to repel, the truth is there were many security procedures that weren’t being followed. Only if they were followed, it could have at least neutralized and rebuffed the strong effect it had or if nothing else it could have at least detected the malware earlier and faster. Being a managed service provider, we shield and safeguard the cloud systems of our customers with our managed cloud security. Dezine Geek provides tech smiths that can not only armor but effectively shield your enterprise system and immensely minimize the impact of risk of any likely security breach on the ecosystem of yourinfrastructure.

Here are some few ways we successfully protect organizations…

  • Utilization of Intrusion Detection System (IDS) aids in real-time critical decisions associated with security risk.
  • Using Data Encryption safeguards visibility to backup data and database
  • Utilizing Web Application Firewall (WAF) keeps web based attacks at bay
  • Tracking and managing firewall policies through Firewall and VPN implementation and management guarantees to just the desired open doors for intended sources.
  • Allowing only approved personnel to access the systems like public cloud environment through multi-factor authentication.
  • Introduction of cloud has increased vulnerability to Distributed Denial of Service attacks. DDoS protection enables protection and quick response which helps to avoid service disruption.
  • In order to detect deviation from accepted state, continuous audit is made use of.
  • Responding and tracking of suspicious log activities is done through Log/Event monitoring and management.
  • We give security awareness training to our employees as we understand all it takes for the hacker to access your system is one small mistake from your employee.

If these services were utilized properly, it could have definitely aided in minimizing, combatting and neutralizing the adverse effects of the hacking event Sony had to encounter. Managed cloud security offered by Dezine Geek will meet and shield your organization’s needs. If you are a large enterprise, you have most probably encountered hack attempts. So what are you doing to fully leverage your security?

Reference