The Sony Pictures Entertainment Hack
The Problem
On November 24, 2014, a hacker group called the “Guardians of
Peace” or
GOP successfully attacked Sony Pictures Entertainment
(www.sonypictures.com;
SPE). The attackers obtained personally identifiable information
about 47,000
current and former SPE employees and their dependents. These
materials included
numerous sensitive e-mails among top SPE executives
concerning actors, financial
deals, and creative disagreements; executive salaries; and
complete copies of
unreleased Sony films. The information included names,
addresses, social security
numbers, driver's license numbers, passport numbers, bank
account information,
credit card information used for corporate travel and expenses,
usernames and
passwords, and compensation and other employment-related
information. The
hackers claimed to have stolen more than 100 terabytes of data
from SPE.
The GOP initially released the most damaging information over
the Internet.
This information consisted of digital copies of SPE films that
had been released (e.g.,
Fury) or were yet to be released (e.g., Annie). In addition, the
attackers announced
they would continue to release more interesting SPE
information.
Although the specific motives for the attack had not been
revealed as of mid-2016,
the hack has been linked to the planned release of the SPE
film The Interview.
In this movie, producers of a tabloid television show learn that
North Korea's leader,
Kim Jong Un, is a big fan of the show, and they set up an
interview with him. While
the show's team is preparing for the interview, the CIA recruits
them to assassinate
Kim Jong Un.
Prior to the Sony hack, North Korean officials had expressed
concerns about
the film to the United Nations. The officials stated that “to
allow the production and
distribution of such a film on the assassination of an incumbent
head of a sovereign
state should be regarded as the most undisguised sponsoring of
terrorism as well as
an act of war.”
On December 16, 2014, the GOP mentioned The Interview by
name, and they
threatened to take terrorist actions against the film's New York
City premiere at
Sunshine Cinema on December 18. The GOP also threatened
similar actions on the
film's America-wide release date of December 25 (Christmas).
On December 18, two messages allegedly from the GOP
appeared. The first
claimed that the GOP would not release any further information
if SPE agreed not to
release The Interview and to remove it completely from the
Internet. The second
stated that SPE had “suffered enough” and it could release the
film, but only if Kim
Jong Un's death scene was not “too happy.”
In the aftermath of the attack, the studio was forced to use fax
machines, to
communicate through hard-copy posted messages, and to pay its
employees with
paper checks. Employees worked with pen and paper, and shops
located on Sony
property accepted only cash.
The Law Enforcement Response
Meanwhile, the FBI launched an investigation into the incident.
In 2014, the
bureau announced it had connected the North Korean
government to the attack. The
FBI's statement was based on intelligence gathered during a
2010 U.S. hack of North
Korea's networks. In that action, the United States had tracked
the internal
operations of North Korean computers and networks. North
Korea responded to the
charges by denying any responsibility for the hack. Although
most of the speculation
about the attack has focused on North Korea, the authorities are
investigating
alternative scenarios, including the possibility that an SPE
employee or former
employee was involved.
The Sony Response
As a result of the attack, SPE shut down its entire network on
November 25,
2014, and pulled the theatrical release of The Interview on
December 17. Two days
later, President Obama labeled the attack as “cybervandalism”
and not an act of war.
He also charged that Sony's decision to pull the film from
release rather than
defy the hackers was a mistake because the company appeared
to have capitulated
to the hackers' demands.
Following initial threats made towards theaters that showed The
Interview,
several cinema chains, including Carmike Cinemas, Bow Tie
Cinemas, Regal
Entertainment Group, AMC Theaters, and Cinemark Theaters,
announced they
would not screen the film. On December 23, 2014, SPE
authorized 300 largely
independent theaters to show the movie on Christmas Day. The
following day SPE
released The Interview to Google Play, Xbox Video, and
YouTube.
Sony defended its decision to pull the film by claiming they
were a blameless
victim. Specifically, because the attackers came from a foreign
government, they had
far more resources to attack than Sony had to defend. Therefore,
the studio
concluded that the attack was unstoppable. Significantly, both
the FBI and security
company FireEye acknowledged that the malicious software
used in the Sony hack
was “undetectable by industry standard antivirus software.”
At the same time, however, Sony apparently failed to employ
basic
information security countermeasures. For example, the
company's e-mail retention
policy left up to seven years of old, unencrypted messages on
company servers. Sony
was using e-mail for long-term storage of business records,
contracts, and
documents it saved in case of litigation. Also, sensitive
information—including user
names and passwords for IT administrators—was stored in
unencrypted
spreadsheets and Word files with names such as “Computer
Passwords.”
Sony has since implemented its “secure rebuild” information
security
strategy. The plan's fundamental idea is zero trust. Its
objectives are to keep
attackers from entering the company's networks, to prevent
them from accessing
information if they do get in, and to block them from stealing
information if they
actually manage to access it. Specifically:
· …network. The remainder will be stored securely, encrypted, and cut off from the Internet.
· …-mails will be archived after a few weeks. System administrators will have access only to areas required to do their jobs.
· …only preapproved applications.
· …-step login (multifactor authentication) procedures.
The Results
Beginning on December 22, 2014, North Korea experienced an
Internet
failure, for which the government blamed the United States,
identifying the
disruptions as an attack in retaliation for the SPE hack. The
U.S. government denied
any role in the disruptions.
Interestingly, North Korea's only Internet connections run
through servers in
China. Therefore, China could interdict any hacking attempts
originating in North
Korea. However, China and the United States are embroiled in a
dispute over
bilateral hacking, so it does not seem likely that China will
police North Korean
hacking attempts.
The SPE attack had serious repercussions for Sony, for the U.S.
government,
and for every organization. Consider the damage to SPE.
Analysts estimate that the
costs of the attack could exceed $150 million. Such costs
include business
disruption, loss of information and revenue, decreased customer
confidence, and
many others. However, the damage done to SPE's reputation
(via very sensitive
e-mails) could be incalculable.
In fact, several former SPE employees are suing the company
for failing to
adequately protect their personal data. (SPE offered one year of
free credit
monitoring and fraud protection to current and former
employees.) In July 2015,
seven cases were consolidated into a proposed class action
lawsuit in a Los Angeles
federal court.
In October 2015, Sony agreed to pay up to $10,000 to each
claimant for
identity theft losses and up to $1,000 each to cover the cost of
credit-fraud
protection services in connection with the cyberattack. The total
settlement was
expected to cost Sony approximately $8 million.
The U.S. government is faced with a serious problem. By
presidential
directive, the U.S. military has the responsibility to help protect
and defend the
nation's critical infrastructure, such as its power grid, banking
system, and
communications networks. However, U.S. and international
entertainment
companies are not part of that infrastructure. The question is: If
a foreign
government is attacking U.S. corporations, what is the federal
government's
responsibility? A related question is: If the U.S. government
had known of an
impending cyberattack on SPE, why didn't the government warn
SPE?
And the lessons to be learned? SPE's inability to protect its
information from
hackers serves as a reminder to corporations and individuals
that if you are
connected to the Internet, your information is simply not safe.
Further, no one
should commit anything on e-mail that he or she would not want
to see on the front
page of a newspaper. The likelihood of serious breaches is
increasing, as is the
damage these breaches can cause. Therefore, the time, effort,
and money that
organizations spend on information security need to increase as
well.
One final note: In February 2016, cybersecurity companies
Kaspersky
(www.kaspersky.com) and Alienvault (www.alienvault.com)
announced that they
had found new evidence linking the SPE attack with ongoing
malware attacks
directed at South Korea. The security firms did not definitively
specify where the
attacks originated, but noted only that their evidence pointed to
a group operating
out of North Korea.
Sources: Compiled from A. Tarantola, “Study Links North
Korea to Sony Hack and Malware Campaign,” Engadget,
February 12,
2016; W. Ashford, “Sony $8M Breach Settlement Underlines
Need to Secure Personal Data,” Computer Weekly, October 22,
2015; P.
Elkind, “Inside the Hack of the Century,” Fortune, July 1, 2015;
N. Perlroth, “Jolted by Sony Hacking, Hollywood Is Embracing
Digital
Security,” The New York Times, March 30, 2015; W. Ashford,
“Sony Data Breach Claims First Scalp as Co-Chair Steps
Down,” Computer
Weekly, February 6, 2015; A. David, “Security Think Tank:
Sony Employee Lawsuit over Data Breach Marks Watershed
Moment,”
Computer Weekly, February, 2015; W. Ashford, “U.S. Blamed
North Korea for Sony Attack Based on Data from 2010 U.S.
Hack,” Computer
Weekly, January 20, 2015; “North Korea Slams ‘Hostile’ U.S.
Sanctions over Sony Cyber Attack,” Computer Weekly, January
5, 2015; M.
Fackler, “North Korea Accuses U.S. of Staging Internet
Failure,” The New York Times, December 27, 2014; “Sony
Hack: The Consequences
of Mocking Kim Jong Un,” The Week, December 26, 2014; B.
Barnes and M. Cieply, “Sony, in About-Face, Will Screen ‘The
Interview’ in a
Small Run,” The New York Times, December 23, 2014; M.
Williams, “Sony Looking for Ways to Distribute ‘The
Interview’ Online,” IDG
News Service, December 21, 2014; B. Tau, “Obama Calls Sony
Hack ‘Cybervandalism’ Not Act of War,” Washington Wire,
December 21,
2014; M. Elgan, “The Sony Pictures Hack Changes Everything,”
Baseline Magazine, December 19, 2014; A. Bacle, “White
House Is Treating
Sony Hack as ‘Serious National Security Matter,’”
Entertainment Weekly, December 18, 2014; D. Yadron, D.
Barrett, and J. Barnes, “U.S.
Struggles for Response to Sony Hack,” The Wall Street Journal,
December 18, 2014; E. Weise, “Experts: Sony Hackers ‘Have
Crossed the
Line’,” USA Today, December 17, 2014; D. Sanger and N.
Perlroth, “U.S. Links North Korea to Sony Hacking,” The New
York Times,
December 17, 2014; M. Williams, “Sony Hackers Release More
Data, Promise ‘Christmas Gift’,” IDG News Service, December
14, 2014; B.
Child, “Hackers Demand Sony Cancel Release of Kim Jong-un-
Baiting Comedy,” The Guardian, December 9, 2014; W.
Ashford, “North
Korea Denies Sony Hack That Exposed 47,000 Personal
Records,” Computer Weekly, December 5, 2014; B. Fritz and D.
Yadron, “Sony
Hack Exposed Personal Data of Hollywood Stars,” The Wall
Street Journal, December 5, 2014; B. Barnes and N. Perlroth,
“Sony Pictures
and F.B.I. Widen Hack Inquiry,” The New York Times,
December 3, 2014; W. Ashford, “Films Leaked Online After
Sony Pictures Hack,”
Computer Weekly, December 1, 2014; “Sony's New Movies
Leak Online Following Hack Attack,” Variety, November 29,
2014;
www.sonypictures.com, accessed July 29, 2015.
Disaster Recovery planning on Contingency planning project
A Best Practice for developing your Business Continuity Plan.
Plan Objectives
1.0 Scope of Plan
2.0 Plan Assumptions
3.0 Time Frames
4.0 Contingency Strategies
5.0 Disaster Definition
6.0 Plan Implementation Phases
7.0 Emergency Response Teams
8.0 Team Responsibility
9.0 Plan Administration
10.0 Procedures
Real time scenarios for Organizations
Sample Company
Business Contingency Plan
Last Revised:
I. Plan Overview and Definitions
II. Restoration by Functional Area
Restoration of other areas
I. Plan Overview and Definitions
II. Plan Assumptions
INSERT MAP HERE
Operating Structure
INSERT ORGANIZATION CHART(S) HERE
Processing or Data Center and Network Infrastructure
INSERT AS DETAIL DESCRIPTION OF TECHNOLOGY INFRASTRUCTURE AS APPROPRIATE HERE.
· Assignment of Non-Essential Functions
· Emergency Response Management
· Functional Area Recovery Management Teams
Periodic Testing and Plan Evaluation
· Emergency Declaration Phase
· Alternate Site Activation Phase
INSERT DESCRIPTION OF EACH ADDITIONAL AREA AND
LEAD PERSON
INSERT LIST OF CRITICAL FUNCTIONAL AREAS
Category 2 - Essential Functions are those functions that are
important, but which may be suspended for a period of time
(ranging from three to five days) without having a critical
impact on the business. Sample Company has defined Category
2 functions as follows:
Office applications such as word processing or spreadsheet
solutions
General Accounting (General Journal, General Ledger, Fixed
Assets)
INSERT OTHER FUNCTIONS AS APPROPRIATE
Category 3 - Necessary Functions are important to the business,
but in the case of a catastrophic failure, could be suspended for
a period of time or restored after Category 1 and 2 functions are
operational. Sample Company has defined Category 3 functions
as follows:
INSERT OTHER FUNCTIONS AS APPROPRIATE
Category 4 - Desirable Functions are those tasks that are a part
of day-to-day business, but could be performed manually, by
using personal computers not connected to the network, or
independently. Desirable functions can be suspended for more
than 30 days, without a significant economic impact on the
company. Sample Company has defined these as all other
functions of the business
INSERT DESIRABLE FUNCTIONS AS APPROPRIATE
II. Restoration by Functional Areas
INSERT DESCRIPTION HERE
Backup Restoration Testing
INSERT DESCRIPTION OF BACKUP RESTORATION PROCESS HERE
Management of Application Media
Workstation Standards
The user environment is composed of INSERT DESCRIPTION based workstations from various vendors.
Standard Workstation Configuration
The Sample Company workstation configuration is subject to change. The following is a current standard workstation configuration for replacement in an emergency situation.
INSERT CURRENT STANDARD WORKSTATION CONFIGURATION
Printer Standards
INSERT CURRENT STANDARD PRINTER CONFIGURATION(S)
Power Requirements and Protection
INSERT CURRENT STANDARD UPS CONFIGURATION(S)
Security
IT will restore all replacement units to provide for password protection.
Electronic Mail
In the event of a Level 3 failure of the Sample Company electronic mail server, the ISP mail services provider will be notified to hold mail until a backup server is restored.
In the event of a Level 4 failure of the Sample Company electronic mail server, IT will “failover” to hosted services provided by the ISP until such time as regular services are restored.
Restoration of [Insert Department Name(s)]
Staff Responsibilities – Assignments
INSERT RESPONSIBLE PERSONS AND ASSIGNMENTS
HERE
· Description of Operating Environment
· File Restoration Procedures for Core Applications
· File Restoration for User Work Files
· List of Required Forms Stored Off-Site
· List of Form Vendors for Reorders
· List of Employee Contact Information
· List of Key Contacts (Vendors, Suppliers, Customers)
· List of Critical Documents Stored at Primary Place of Business
REPEAT RESTORATION PROCEDURES FOR EACH DEPARTMENT
End of Sample Business Contingency Plan

 
The soul friendships” can be difficult to cultivate.  As it sta.docx
The soul friendships” can be difficult to cultivate.  As it sta.docxThe soul friendships” can be difficult to cultivate.  As it sta.docx
The soul friendships” can be difficult to cultivate.  As it sta.docx
 
The song is black holes by the Renee Rosnes QuintetContemporary .docx
The song is black holes by the Renee Rosnes QuintetContemporary .docxThe song is black holes by the Renee Rosnes QuintetContemporary .docx
The song is black holes by the Renee Rosnes QuintetContemporary .docx
 
The son mexicano is a broad Mexican musical category. (TF).docx
The son mexicano is a broad Mexican musical category. (TF).docxThe son mexicano is a broad Mexican musical category. (TF).docx
The son mexicano is a broad Mexican musical category. (TF).docx
 
The solutions you wrote for meDr Palmer and his staff are ups.docx
The solutions you wrote for meDr Palmer and his staff are ups.docxThe solutions you wrote for meDr Palmer and his staff are ups.docx
The solutions you wrote for meDr Palmer and his staff are ups.docx
 
