TECH

Sony Pictures Hack Could Be 'New Normal' In 2015

18/12/2014 13:55 GMT | Updated 18/12/2014 13:59 GMT

The Sony Pictures hack has been unprecedented in its scale and impact.

Welcome to the new normal.

Experts have said that massive cyber attacks could become commonplace in 2015, as hackers finally exploit to the full poor security measures taken by some of the world's biggest companies.

When hackers calling themselves the Guardians of Peace and believed to have links to North Korea broke into Sony's internal systems last month and stole huge amounts of data, it was reported it was in retaliation for the upcoming release of a movie about a plot to kill North Korean leader Kim Jong-Un.

sony pictures

Now the film in question, The Interview, has seen its release cancelled amid threats of terrorist attacks on cinemas that choose to screen it.

It follows the mass leak of personal details of over 40,000 employees, full versions of movies yet to be released and email exchanges criticising Angelina Jolie which have left the firm deeply embarrassed.

Online security experts have now suggested that the success the hackers have had with this attack in terms of data snatched and coverage received could see similar breaches occur more frequently in the future.

Roy Duckles, director at web security experts Lieberman Software:

"There are several key concerns about this particular attack; it has been a sustained attack and Sony seem to have daily issues that they seem unable to contain or re-mediate. It has spilled over to affect Sony's customers, as in the cinema operators and their patrons. This attack is more cyber-terrorism than just a malicious hack, and the recent threats made to cinema goers have escalated this to a Presidential discussion level in the US.

"If this is an orchestrated attack from a rogue state, then it really brings into question the effectiveness of the current design of IT Security policies and infrastructure in many Western organisations.

"Ironically, this type of event is exactly the stuff of Hollywood movies."

Mark James, a security specialist at anti-virus and malware experts ESET:

"This is certainly causing quite a storm in the media and is having exactly the effect the perpetrators require," he said.

"Normally these types of attacks don't impact the average person all that much but with this incident it is actually causing people to stop and think, and with Sony now pulling the screenings of The Interview it shows how much its affected not only Sony but more importantly Sony's customers.

"The impact of this hack is massive and with all the attention it is getting I expect we could see similar attacks of this scale in the future."

Security expert Brendan Rizzo:

"The events that continue to unfold related to this breach show a startling escalation of cyber attacks that are now becoming a worryingly effective tool for spreading fear and economic damage," he said.

"The security world have been preparing for large-scale cyber terrorism attacks for years, with the state-sponsored variant proving the biggest risk due to the larger magnitude of resources that can be brought to bear.

"There have been several isolated incidents reported already, but the recent attack now further blurs the line between state-sponsored attacks, which are often seen as being politically or economically motivated, and cyber protests, which are usually meant to raise awareness or disseminate information."

"If attackers gain an upper hand and are able to wreak damage on companies at will without being traced, and if these attacks are able to achieve at least some of their objectives such as the recent postponement of the movie release that we have just seen, then this could be a harbinger of an escalation in these types of attacks still to come."

Sony did receive some sympathy from within the security community, though.

Ian Pratt from Cupertino-based web firm Bromium said:

"Attackers have a huge advantage over the defenders, in terms of the tools at their disposal and the ease of which they can penetrate networks.

"We have just seen this with the Sony Pictures compromise that happened with all their machines being compromised by a criminal gang that wanted to extort money.

"It's not that Sony Pictures did a bad job, it's an attack that could have been used on any company across the world, but I think we are going to have a realisation that something needs to change."