Time
7 hours 36 minutes
Difficulty
Advanced
CEU/CPE
7

Video Description

This lesson discusses the Sony Hack incident. This cost wiped out half of Sony's global network worldwide and did a significant amount of damage. Nothing could be recovered due to the way the hackers wrote the code of the software involved in the hacking. The FBI blamed North Korea for this incident. Most incidents are preventable and consumer errors are the likely cause for these incidents. A plan for cyber security response is necessary and there needs to be a plan in place for how to do it should the need occur.

Video Transcription

00:04
So
00:05
Stoney Case study Hack is kind of an interesting example of things that kind of happened to a well known corporation and encompasses kind of several of things we talked about before.
00:16
So if you're not familiar with the the hack
00:19
on the 24th of November, a crushing cybersecurity attack was launched on Sony Pictures,
00:25
and employees logging onto the networks were met with sounds of gunfire, strolling threats and menacing image of a fiery skeleton looming over the little tiny, zombified heads of studios top two executives.
00:38
So if you can imagine, that's probably pretty terrifying and cost some consternation among the 70 employs.
00:45
But before the Sony's cyber staff could actually pull the plug, the hacker's malware had leapt from machine to machine, essentially wiping 1/2 of Sony's global networks. It was wasn't just isolated to the United States. It was essentially Sony Worldwide, Sony, Japan, Sony, California and it erased everything
01:04
stored on 3262 companies, 6797 personal computers
01:11
and 837. But that's 1555 servers. It did a significant amount of damage to Sony,
01:21
so to make sure nothing could be recovered. The Attackers actually added special deleting a lager them the overwrote, the data seven different ways so that that's pretty significant. And then when that was done, the coat zap each computer, start up software and rendered the machines brained
01:40
and then before destroying the company's data that the hackers and still win it.
01:45
So over the next three weeks, they dumped nine batches of confidential files under the public file sharing sites, everything from unfinished movie scripts and mortifying e mails to salary less to more than 4700 Social Security numbers. So that's a significant amount of data, so you have
02:02
personally identifiable information that's out there. You've got
02:06
proprietary information that's out there. You've got e mails that are out there now that could actually cash. People are negative light.
02:15
They may have to resign from their jobs. They make them harder to get a job in the future.
02:20
S 04 of the five are 5 70 films. Four of them were unreleased and they were leaked to the public on these pirates, the websites for for you viewing. So obviously that's going to cost 70 some revenue as well.
02:34
So to kind of continue this thing's case study On the 19th of December, the FBI blamed the hackle North Korea, which had issued threats over one of the films that were released. It was that Seth Farland film regarding Kim Jong,
02:51
so they were pretty unhappy with that, tried to get
02:54
Sonny stop that film,
02:57
and then when they wouldn't do it, they essentially hacked into Sony's networks.
03:01
So the FBI
03:02
stated that the mouth were used was undetectable by an industry standard anti virus software.
03:10
And then, experts say Sony's electronic security probably wasn't worse than that of many of its others.
03:17
But it's clear that Sony, which failed, employed basic safeguards, didn't put up much of a fight.
03:23
So that's that's a pretty significant event if we go back to one of our first line to talk about that. Security is even the first to know are the 1st 90% but it's either, you know, it's got to be that first part. Sony apparently did not have that mantra in mind,
03:40
and, uh, kind of one of the interesting things I found from Fortune magazine talked about
03:46
their actual security posture. So you can actually go to this Lincoln and look at it and read the whole story. But this is a little snippet.
03:53
And, uh,
03:54
it talks about one of the consider security consultants that actually had gone to Sony.
04:00
And, uh,
04:02
Fortune had interviewed him. And he related that After a quick security check of the front gate and then proceeding to the George Burns building on the east side of the Sony lot, the North Screwed walks straight into the unlock first war offices of the Information Security Department, marked with a small sign reading in Vasek.
04:23
There was no receptionist or guard to check who they were. In fact, there was no one inside it all.
04:29
The room contained cubicles with unattended computers providing access to Sony's International Data Network. So apparently Sony didn't really have ah, good security posture in place, even within their own network facilities
04:46
goes on to say that the visitors found her way to a small sitting area outside of the office of Jason Spall. Tro so many senior vice president for information security settled in and waited alone for 15 minutes. So again, if someone
05:02
had malicious intent, they had quite some time to access some of these networks
05:08
from within the corporation,
05:11
and then it goes on to state. I got a little shocked, says Tommy. Stance in
05:16
Norse is co founder and chief technology officer. Their info sec was empty and all of their screens were logged on. Basically, the janitor can walk straight into their infant set department,
05:27
adds Mickey Shapiro, veteran entertainment attorney who helped set up the meeting and was present that day.
05:32
If we were bad guys, we could have done something horrible.
05:36
So
05:38
again, cybersecurity is is gonna be paramount to one, preventing these incidents from occurring and you have to do something
05:45
on put procedures and policies in place. We have to follow them in order to prevent incidents from occurring. And obviously that did not happen, and we can see the consequences of what happened.
05:58
And then you're going to have to re mediate that. Probably study. It's still actually trying to deal with the fallout from this hack.
06:06
So
06:08
announced her vision is obviously worth a pound a cure so most incidents can be your could have been prevented.
06:14
Human error is the likely cause of security failures,
06:17
and a new study finds that only one in 10 consumers have had any classes of training are about protecting their computer and other personal information last 12 months again, that talks about kind of the end user and how much they really know about cyber security, protecting their data.
06:34
And even cybersecurity experts have lapses in judgment of practices. And oftentimes we may think that we know better, so we may not follow the simple security procedures that we've put in place, so we may actually be one of the worst offenders as well.
06:50
Cos may not want to invest the necessary time or money to provide adequate defense until something happens, and then they have to go back to mediate that and then spend the extra money Thio provide that adequate defense
07:05
and worse, they may not know what to defense. So that's why cybersecurity is kind of growing
07:11
field right now. And she had a lot of people who had information systems, but they don't quite know what to do with them.
07:16
So essentially that sun suit mantra. No, the enemy and know yourself. You have to know exactly what it is that you have, and you have to know it kind of one of this that your enemy is going to do in order to kind of prevent the cyber security incidents from occurring, preventing them and mitigating them.
07:36
So the need for cyber security incident response We know that these cyber security incidents are going to happen.
07:44
Uh, and you're in Users are gonna be your weakest link. But there's always someone out there who's trying to one up, you trying to get past your network security.
07:54
So we now know, understand why it's important to pack that cyber security eyes exemplified in that Sony hack. They had several pieces of information proprietary, personally identifiable information, e mails that they didn't want to get out. Essentially, that caused significant damage to their business.
08:13
So now you know that we need toe do something when we have an incident. But what is that something? What do we do when we have a cyber security incident? How do we do it?
08:24
So that's what's gonna be discussed and future videos. So thank you. And I hope to see you again

Up Next

Incident Response and Advanced Forensics

In this course, you will gain an introduction to Incident Response, learn how to develop three important protection plans, perform advanced forensics on the incident, deep dive into insider and malware threats, and commence incident recovery.

Instructed By

Instructor Profile Image
Max Alexander
VP, Cybersecurity Incident Response Planning at JPMorgan
Instructor