We now know that North Korea was involved, in some way, with the cyber attack and ultimate blackmail of Sony Pictures. What started as a comedy about killing the dictator of North Korea has now turned into that rogue nation state (or some other agent) effectively controlling Sony Pictures.
We live in a new era of cyber warfare, where the stakes have just risen for all organizations as a result of the North Korean attack on Sony. Luckily, Managed Service Providers have a role to play in this cyber warfare era, and that should give some comfort to those organizations who now think they could become the next Sony target.
Lesson Learned from Sony Hack
The Sony cyber attack can teach us a lot, but one thing in particular should grab the attention of all MSPs. When Sony was breached, they didn’t just lose valuable email, film scripts, and actual copies of movies; they suffered a loss of their reputation. The recent decision by Sony to not release their movie The Interview isn’t just a political loss; it will have wide-ranging repercussions throughout the Sony supply chain.
Movie theaters, distribution partners, the actors, and many other people involved with Sony have now been impacted by this attack. This data breach demonstrated exactly how vulnerable a corporate target can be, as well as the ripple effect on the numerous third parties who work with Sony.
Cyber Blackmail Can Work
The Sony attack demonstrated, perhaps for the first time, that cyber warfare can be quite effective. We now live in a world where a rogue nation state is de facto running a major Hollywood film studio.
Organizations need to prepare for a Sony-style attack, in which the data breach is only the beginning. Once the data breach has occurred, more mayhem and blackmail could be in store. MSPs, in particular, need to begin working with their customers to develop strategies for dealing with this style of cyber attack. Creating data breach response plans, getting the right type of cyber insurance, and having updated service agreements are just a few of the issues that should be addressed.
Separate Sensitive Data
We learned from the Sony attack that the company held a lot of sensitive data in a single place. Part of a good security profile is to separate your data according to its importance. By classifying data according to business relevance, sensitivity, and legal liability, organizations can more effectively create a security mechanism to prevent the type of catastrophe Sony is currently facing.
It is important to note that MSPs can develop new value and revenue streams by helping customers categorize, manage, and protect different tiers of data.
Beware the Insider Threat
It has not been proven, but there are plenty of opinions circulating that the Sony attack could not have been perpetrated without the help of someone on the inside. While this may or may not be proven in the end, we do know that the majority of data breaches occur as a result of someone on the inside, either an existing or former employee. It certainly makes sense that the hackers knew exactly where to go to inflict maximum damage on the company.
MSPs going through the MSP/Cloud Verify program must demonstrate segregation of duties and other security and operational best practices to protect their customers. The same practices should also be adopted by organizations. MSPs are in a position to help their customers design operational safeguards that protect data from potential insider threats.
Conclusions
Much more will undoubtedly come out about the Sony attack. In the meantime, MSPs should beware; we now live in a new era of threat and exposure involving IT. If anything, the role of MSPs should be enhanced, as many MSPs can and should play a more active role in helping their customers face these new threats.