Arraya Insights | January 2, 2015
Right now there are nearly as many theories about who hacked Sony Pictures as there are people signing up at their local gyms to get started on those New Year’s resolutions. Even though the FBI is still steadfastly convinced North Korea’s fingerprints are all over the attack, another theory has been gaining steam lately.
The idea, which is being heralded by cyber security firm Norse, claims the hack on Sony may have been an inside job. Norse believes it’s narrowed down the field of potential hacker suspects to a small group of people, including one ex-Sony employee. That person had been employed by Sony for roughly a decade before being laid off back in May. It just so happens that this former employee was described as having a “very technical background” and had a working knowledge of Sony’s systems.
Norse shared its findings with the FBI during a recent three-hour meeting, but it didn’t sway the FBI from its stance that the attacks came about thanks to North Korea.
The hack on Sony Pictures resulted in the release of the personal information of employees, full-length films which hadn’t hit theaters yet, embarrassing internal emails, and more. Eventually hackers demanded that Sony cancel the release of “The Interview,” a comedy about an assassination attempt on North Korean leader Kim Jong-un. This amped up the speculation that North Korea had a hand in what was taking place.
While we may never know the exact, 100%-verified reason behind the Sony hack and even if Norse’s theory doesn’t pan out, it still does reinforce an important point for IT pros: turnover can be dangerous. And it’s not just in the event that a disgruntled ex-employee decides to use his or her knowledge of your systems to get in and release valuable or damaging information.
In the case of JPMorgan Chase, turnover in IT may have resulted in a missed two-factor authentication upgrade to a server in its datacenter. This allowed hackers easier access to the bank’s network where they were able to access the personal information of roughly 83 million households and small businesses.
When a person leaves your IT team – whether it’s his or her decision or not – it can result in more work being put on the remaining team members. When that happens, less-urgent but still important tasks like user account maintenance and system upgrades may get pushed off until later, which can open the door to potential problems.
Your company’s business technology should be flexible, responsive and probably most importantly, secure. But getting it there on your own can be a challenging and time-consuming process. To find out how Arraya Solutions can help you realize those goals, click here or speak with your Arraya account representative today.