Sony Picture Entertainment’s internal network was paralysed in a massive hack. The breach triggered in a complete shut down of all the systems. While employees resorted to using pen and paper, IT was unable to resolve the issue for two days.
According to Variety, after Sony Pictures Hacked, internal IT had to advised all its employees not to connect to corporate network or emails and to shut down their computers and to disconnect Wi-Fi on mobile devices. The hack did not impact Sony’s other divisions.
An unnamed source who spoke with Bloomberg said that, an image appeared on all compromised Sony Picture Entertainment computer screens. The image read:
“Hacked By #GOP Warning: We already warned you, and this is just a beginning. We continue till our request be met. We’ve obtained all of your internal data including your secrets and top secrets. If you don’t obey us, we’ll release the data shown below to the world.”
#GOP, which stands for Guardians of Peace is a known hacker group. They held Sony Picture Entertainment groups business secret data as ransom for meeting the above demands. According to unverified sources, the data (a 200MB notepad file) has been leaked.
This is not the first time when Sony’s computers have been targeted in a massive attack. There have been numerous small and large hacks on the company’s networks in the last few years. Personal and financial details of PlayStation Network’s users were hacked and leaked in 2011. Another attack on the PSN in August 2014 took the network offline by driving artificial traffic to it in a DDoS attack. Sony Picture Entertainment was also hacked in June 2011, according to sources private data of over 37,000 users was exposed in that attack.
Even though Sony has hundreds of staff in IT department and vendor support dedicated to secure the company’s servers, they were hacked anyway. According to the research by consulting firm AT Kearney, cyber attacks by hackers have resulted in financial losses for more than 25% of all web based businesses. In theory, an unprotected server may compromise an entire data center. If you run your own dedicated server(s), you should take security seriously. In a few simple steps, you can ensure the basics are covered. We will post tutorials in the next few weeks to help you protect your servers with a few basic tweaks. We will also look into advanced steps and scripts, services or software you can use to protect your dedicated server.