It was a bit less spectacular and a lot less glamorous than most Hollywood disaster movies. But the recent mega-breach at Sony Pictures Entertainment had more than its share of drama and improvisation. Numerous media outlets this week published behind-the-scenes looks at how the crisis, one of the worst cyberattacks on an American company, was handled internally.
Among other unusual steps, studio CEO Michael Lynton communicated with other senior execs using old BlackBerry devices that had been in a storage room in the basement of Sony’s Culver City, California, headquarters. This was after the office’s regular communications systems were knocked out by a widespread outbreak of malware that left the company without e-mail.
Face to Face
The attack, which struck three days before Thanksgiving, also left the studio without voice mail or production systems. As the magnitude of the attack became evident, employees communicated updates via text, phone or face-to-face conversation.
Meanwhile, Sony IT staffers had started working around the clock to handle the attack. They considered taking Sony Pictures entirely offline while administrators brought out old machines that allowed them to issue physical paychecks after computer network problems made regular electronic direct deposit prohibitive.
Even then, the attitude within the company was relatively calm. Despite the disruption, the hacking was viewed as nothing more than a large annoyance. According to reports, it was only when hackers started leaking sensitive information and copyright content that Sony Pictures realized it had a multi-layered disaster on its hands.
By Dec. 1, a week after the breach was discovered, a growing sense of tension and outright panic started to permeate Sony. More than a dozen FBI investigators camped out in Sony facilities. It was a big job: Thousands of electronic documents had been stolen, internal data centers had been erased, and 75 percent of the company’s servers had been destroyed.
Among the stolen goods were contracts, salary and budget data, medical records, Social Security numbers, and five films in their entirety. Unfortunately, Sony’s disaster recovery planning was dismal. There were few backups and no contingency in place to move operations to another location.
PR Disaster
Sony’s handling of the PR fallout from the hack wasn’t much better. It canceled and then un-canceled the Christmas Day premiere of “The Interview,” the movie that, it was thought, had spurred North Korea to initiate the attack. The company was made to look no better when security experts questioned the North Korea theory and began to conclude that a disgruntled former employee may have teamed with “black hat” hackers to stage the attack.
If nothing else, revelations that Sony switched to BlackBerry devices might be good news for the struggling Canadian tech company that makes the devices, which have gone badly out of fashion with the rise of smartphones. BlackBerry has tried to remain relevant by emphasizing its superior data security and business-oriented technology. Its newest phone, the BlackBerry Classic, has BBM Protected, a secure, encrypted way to message others within an organization.
This entry passed through the Full-Text RSS service – if this is your content and you’re reading it on someone else’s site, please read the FAQ at fivefilters.org/content-only/faq.php#publishers.
