The attack on Sony has proven to be significantly damaging for the entertainment company and we are still seeing the aftermath of the attack. In light of this, Gavin Millard, EMEA Technical Director, Tenable Network Security writes:
"The size and scale of the Sony hack is unprecedented but unfortunately not unexpected. Many organisations have been fighting to control their ever-expanding attack surface and holes can be easily missed. With overburdened security teams trying to close down many avenues of entry, and hackers only needing one flaw to expand their reach, the probability of an attack of this nature occurring will always be high, especially if an attacker is motivated.
"This style of slashing and burning the infrastructure has been seen a few times recently, namely the Dark Seoul hacks targeting banks in South Korea and another that wiped 30,000 desktops at Aramco, but isn't the standard approach favoured by hackers. The general modus opperandi of attackers is to stealthily breach the target systems, exfiltrate data of interest and then remove their tracks to evade discovery rather than announcing a breach by crashing the affected system. Will we see more attacks of this style? I don't know. But organisations will have to rethink their disaster recovery plans to take this approach into consideration as it gains popularity among the hacking underground."