It was revealed yesterday, in an announcement from the FBI, that North Korea was responsible for the recent cyber attack on Sony Pictures Entertainment.
The attack resulted in the public release of thousands of confidential (and embarrassing) email messages and documents involving Sony, its executives, popular celebrities, and many of the entertainment company’s business partners — among other misappropriations of intellectual property. This included various Sony films now freely available on pirate sites. According to Patrick Mahaffey, CEO of software consulting firm Room 5, the Sony hack “may have ushered in a new era of state sponsored terrorism against civilian targets.”
North Korea’s actions weren’t financially motivated, but rather purely political in nature. However, they were financially impacting. Kim Jung-un’s third world, impoverished totalitarian regime just cost an American subsidiary of a Japanese company $200-300 million in lost revenue—not to mention a severely tarnished reputation. To put this in perspective, Sony Pictures Entertainment, based in Culver City, California, reported $8 billion in revenue for fiscal year 2014.
On December 15, CNNMoney reported that parent company Sony’s stock had fallen 10 percent due to the incident. Then, on December 17, the FBI announced that it considered the hacking incident a national security threat. On December 19, the event elicited public statements from President Barack Obama, who said that Sony Pictures “made a mistake” in cancelling the release of the film and that the United States would respond to the attack “in a place and manner and time that we choose.”
According to Reuters: “‘North Korea’s ultimate goal in cyber strategy is to be able to attack national infrastructure of South Korea and the United States,’ said Kim Heung-kwang, a defector from the North who was a computer science professor and says he maintains links with the community in his home country.”
The general tone among Americans has been that Sony (and, by extension, Hollywood) spinelessly caved to the influence of a rogue dictator. Echoing the President’s comments, social media has been abuzz with anti-Sony sentiment, and even calls for boycotts.
I would argue that North Korea’s actions amount to a terrorist act on the part of a communist totalitarian nation, in the form of a cyber attack that, akin to an act of war, brought Japanese Sony, American-based Sony Pictures Entertainment, and American partners like Snapchat to their knees. I would also argue that this event can be—in the long run—good for us. Here’s why.
It’s easy to become too internally focused when you’re in one of the most technologically, culturally, and economically advanced nations in the world—and a shining example of democracy and progress, despite all of our internal bickering and ideological and religious contention.
This isn’t the time to be pointing out how the family dog crapped on the rug a few times. Rather, we should be thankful that Rover keeps the house safe from intruders and kills pesky rodents before they begin living in the garage or digging into that 50-lb bag of bird seed. It’s our bird seed, dammit, and Rover—rug pooping and all—helps protect it from thieves.
North Korea’s recent acts of cyber terrorism are a wake-up call not only to large corporations like Sony, but also to middle class Americans. Although I’m certainly not an expert on this topic, I don’t think it was a wake-up call to our government’s security agencies or the military. I believe they’re in the loop on this one.
The revelation of North Korea’s cyber attack on Sony Pictures proves that we’re much more vulnerable than we think. If a black hat hacker anywhere, foreign or domestic, wants to steal your identity, copy or corrupt your data, or blackmail or embarrass you, even a moderately talented cyber thief can do so with relative ease. The reason it hasn’t happened to you is because you haven’t been targeted. At least, not that you’re aware.
According to Daniel Solove, a research professor of law at George Washington University Law School, “All of our personal data is at significant risk. At home or at work, your personal data is at risk. Whether in the cloud, or on your computer, or in an email, your data is at risk. The internet wasn’t built for security; it is a very risky zone, like wandering a minefield.”
Computer and networking technology, along with the common skills of hackers, have evolved to the point that, regardless of motive, these cyber bad guys can swoop in, steal or corrupt your data, and leave almost no trace. You may have been hacked and have no idea. The IT departments of major retailers like Target, Home Depot, and Neiman Marcus have been hacked and suffered the theft of point-of-sale data for tens of millions of customers. And, in some cases, they barely learned that it happened. If $100 million IT departments are vulnerable, what do you think can happen to you and me?
Statistics from a variety of sources indicate that the majority of Americans never (as in never) backup their data. Surveys and metrics also indicate that our passwords—even for things like bank and investment accounts—are pathetically weak. Do you have any “password1234” passwords in your collection? How about a derivation of your name (or your pet’s name)? Do you use the same password, or a slight variation, on all of your accounts? I know; it makes them easier to remember. It also makes you extremely vulnerable to hacking.
There’s plenty of books and resources available to help you improve your data security. I won’t push my book, because the point is simply to get you to improve your personal data security, not necessarily buy something from me. But do something.
Learn about what you can do. Make a plan. Execute it. Maintain your efforts. Be diligent.
Take it seriously.
Did you, or one of your friends, ever run a car out of gas? Wasn’t there a feeling of incredible stupidity and regret? Wasn’t there a realization that a brief stop at a local gas station could have been made oh-so-easily, preventing the embarrassment and expense of your negligence and oversight?
Well, get ready. Because the Sony Pictures hack by North Korea is only the beginning. Organizations and individuals that aren’t prepared will, sooner or later, suffer.
Try not to be one of them.
Curt Robbins
Curt Robbins is author of the following books from Amazon Kindle: Home Theater for the Internet Age ($9.95), Understanding Personal Data Security ($4.99), Understanding Home Theater ($4.99), Understanding Cutting the Cord ($4.99), and Understanding Digital Music ($4.99). You can follow him on Twitter at @CurtRobbins, at rAVe Publications, and on Flickr.