ISMG's Guide to the Sony Breach

A Comprehensive Index of News, Analysis and Opinion
ISMG's Guide to the Sony Breach

Is there a bigger security news story in all of 2014 than the breach of Sony Pictures Entertainment?

See Also: Unite & Disrupt: Mitigate Attacks by Uniting Security Operations

In late November, Sony suffered a significant cyber-attack that led to intellectual property and personal employee details being leaked online. Since then, on nearly a daily basis, new details have come to light about the breach, which the FBI has blamed on North Korea.

The following index offers you a comprehensive guide to all of Information Security Media Group's ongoing coverage of the Sony breach, from breaking news to expert commentary on the attack, including lessons for organizations to incorporate in their own security programs.

From Attack to FBI Attribution

On Nov. 24, Sony Pictures faced the wrath of hackers when "wiper" malware detonated on the company's systems, reportedly erasing PC and servers' hard drives, as well as the machines' Master Boot Record, thus "bricking" the devices.

A group claiming credit for the attack, called "Guardians of Peace," subsequently began releasing data stolen from Sony, including high-quality digital copies of new movies that have yet to see their U.S. or global release, as well as sensitive information on employees, including health data.

Following weeks of data leaks, G.O.P. published a "terror" threat on Dec. 16 against movie theaters planning on showing "The Interview," in which a tabloid TV reporting team heading to Pyongyang to interview dictator Kim Jong-Un are approached by the CIA to assassinate him. On Dec. 17, Sony canceled the film's scheduled Dec. 25 release. Two days later, the FBI attributed the malware attack to North Korea.

Subsequently, Sony Pictures reversed its decision and announced plans to release "The Interview" in a limited number of theaters, as well as online. Below is a guide to the news that developed following the "wiper" malware attack against the film studio:

Expert Insights

As news of the Sony Pictures hack unfolded, security experts weighed in on Sony's alleged security inadequacies, the studio's decision to cancel the release of the film, as well as their breach response mistakes.

The breach has been described as a turning point in cybersecurity, as it is likely to give more CISOs a new degree of board-level visibility. "That visibility will come at a price, though, with CISOs now in the hot seat to see that their organization doesn't have its own 'Sony breach,'" says Tom Wills, director of consulting firm Ontrack Advisory.

Following are features, interviews and blogs gauging the significance and consequences of the Sony breach:

Infographic Resources

ISMG's coverage of the Sony breach also includes an infographic that details the similarities between Sony's "wiper" malware attack with those against firms located in Saudi Arabia and South Korea, as well as a visual timeline of the events surrounding the breach at the film studio.


About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.




Around the Network