Hackers cause Sony major financial, reputational damage
Information security expert John D鈥橝rcy, assistant professor of information technology management at the University of Notre Dame, says this week鈥檚 hacking attack on Sony Corp. is yet another example of the significant information security threat that affects almost all businesses.
The group of hackers, which calls itself 鈥淟ulzSec,鈥 posted Sony network plans and code, the latest in a string of attacks in the last few months. In April, the Japanese technology and media giant was forced to shut down servers that hosted its PlayStation Network service after it was discovered that it had been hacked and the personal information of 100 million customers had potentially been stolen.
鈥淚t seems Sony has become the laughing stock of the hacking community,鈥 D鈥橝rcy says. 鈥淪ony鈥檚 damages total more than $172 million, which really speaks to the fact that security is no longer simply a technical issue that should be delegated to IT personnel. It has become a general business and risk management matter that should concern management at top levels of the organization.
鈥淩ight now, Sony is suffering from major financial and reputational damage,鈥 he says. Moreover, as expressed in the hackers鈥 messages, there is little that can be done by law enforcement and the FBI to help with the situation. Given the ease and anonymity with which these hacks can be conducted, as well as jurisdiction issues that prevent U.S. law enforcement from pursuing certain international hacking groups, it is likely that the bad guys will remain in the driver鈥檚 seat for the foreseeable future.鈥
D鈥橝rcy conducts research on information security and computer ethics. In recent papers, he has examined the effectiveness of procedural and technical security controls in deterring computer abuse. His research also investigates individual and organizational factors that contribute to end user security behavior in the workplace.
Provided by University of Notre Dame
