We live in a time where hacking is not only a sport, but it is used for vengeance and financial gain. It’s no surprise that many large organizations and corporations have been targeted within the past few years. Anthem, eBay, Target, and JPMorgan Chase are just a few that made major headlines. Although customers seem to understand the sad inevitability of these attacks, organizations lose business when messaging after-the-fact is inaccurate. It seems that not knowing exactly what was lost or stolen – or failing to communicate the situation clearly – is more infuriating than the reality that the system was breached in the first place.
With the importance of messaging and effective communication in mind, we will discuss two recent data offenses: Sony Pictures and the Democratic National Committee (DNC). With their stories in mind, we will lay out how their outcomes would have been entirely different if they had been properly prepared for today’s cybersecurity environment.
Sony Pictures: When Hackers Follow Through on Threats
When Sony announced its plans to release a film in 2014 called The Interview, threats immediately started to pour in. The movie is a satirical comedy based on a fictional plot to assassinate Kim Jong-Un, the leader of North Korea. Hackers in North Korea were not amused with the storyline.
Sony incredulously ignored the intimidation and sought no additional help to secure their networks. Not believing or recognizing the dangers, they blindly put their faith in elementary antivirus software that is used commonly in their
At approximately 7:00 AM PST on November 24, employees at Sony who tried logging into Sony’s network were greeted with the sound of gunshots and an incredibly disturbing image on their computer screens. A glowing red skeleton in a menacing stance was standing over the shrunken heads of the studio’s top two executives. Text scrolled on the screen warning of more destruction and detailing data that the hackers had already obtained.
Within an hour, the malware had spread across more than half of Sony’s global system. It erased data stored on 3,262 out of 6,797 personal computers and 837 out of 1,555 servers. For extra spite, a deleting algorithm wrote over data seven ways to ensure that recovery would be impossible. And once that was done, the algorithm destroyed the start-up software, leaving the machines lifeless and defunct.
Unfinished scripts, emails, 47,000 social security numbers, and five films (four of which had not yet been released) were delivered to the public on various file-sharing and piracy sites over the next few weeks. Sony abandoned the film’s launch but then back-tracked after public outrage over the capitulation. Employees were enraged over the careless loss of their personal information and eventually sued the company. With identity theft costs unknown into the foreseeable future, Sony estimates that this incident will cost them at least $35M – and a good deal of their credibility in Hollywood and throughout the rest of the world.
The DNC: When Hackers Linger Undetected
In mid-June 2016, a contractor notified the DNC that their system had been hacked. Not only did the data breach affect their organization, but it also hit the Democratic Congressional Campaign Committee and the accounts of persons and other groups involved with Hillary Clinton’s presidential campaign. Emails, personal contact information, credit cards, and bank account details were stolen from staffers, donors, and supporters.
When the DNC started to delve into the breach, they found out that at least two hacking groups had been in their network over the course of at least a year. An entire year passed without anybody knowing about the loss of a single piece of information.
Upon finding out about the attacks, the DNC released a statement indicating that no financial records had been accessed. Almost immediately, a hacker posted financial details on a file-sharing website. Then, Wikileaks received copies of the emails and began posting them on their site. As a result of the leaked emails, several top officials -including the Chairwoman – resigned.
At this writing, it seems like the full magnitude of the breaches is still unknown. Many are worried that the Democratic Governors’ Association was also hacked, but there is no evidence to support that yet. They have already felt the pains of disparaged supporters, though, following their poor and inaccurate messaging regarding the attacks.
Who’s to Blame?
Malware was the culprit in both the Sony and DNC violations. Although the specifics are not known on the DNC side as to how their system got infected, Sony was able to pinpoint the precise origin of their attack. Months before the breach, employees received phishing emails asking for users to log into a phony site with their Apple identifications and passwords. Once the criminals had this information, they used LinkedIn profiles to guess login credentials for the Sony network. The scam worked beautifully.
While one enterprise was blindsided, the other knew the danger was imminent. Neither organization was prepared for an attack of this magnitude, yet they both stood their ground – stating that they couldn’t have handled the situation any better than they did.
Take Two: Data Intelligence Transforms the Story
If Keeper Technology had been in the mix, here’s how the stories would have changed:
Keeper has a purpose-built and scalable – yet flexible – storage appliance called keeperSAFE. To enhance an enterprise’s on-premises storage ecosystem and solve the dilemma of auditable data governance, Keeper also created the missing link that is crucial for effective data governance: Intelligent Data Management Technology (IDMT). Built into the keeperSAFE infrastructure, IDMT uses automatic metadata extraction to track, manipulate, and comprehensively manage assets as they are ingested into the system, resulting in tenable data protection.
IDMT allows access controls at the metadata level. Metadata includes the computer-generated fields as well as fields defined by users. Files are only available to the users who need them, and specific IP addresses can also be used as a way to grant access.
The Graphical User Interface (GUI) takes the tens of thousands of data points per hour that keeperSAFE collects and analyzes, and presents them to the customer in a way that they can be easily monitored and understood. Performance information and operational data are available real-time. Monitoring modules ensure that as much data about the system as possible is extracted and presented to the users.
The robust keeperSAFE GUI prioritizes and distils this information for easy action, making system monitoring effortless.
2. Data Loss
keeperSAFE supports two types of encrypted data protection methods: replication and erasure coding. IDMT offers nearly limitless policy-based replication, allowing copying onto other disks, nodes, or clients. The system default is three copies but that number is configurable.
Erasure coding, on the other hand, encodes objects with redundancy information and spreads it across a number of disks, nodes, or clients. The coding parameters can be customized, but are automatically optimized by the system based on the configuration. Even authorized file deletion is held in check, as older versions are available for quick restoration.
IDMT provides unalterable audit tracking and versioning that is ideal for security and incident response. Enterprises benefit from real asset management. They know what they have, where it is, who has access to it, and what they are doing to it. Actions are logged in combination with practical, critical alerts – offering instantaneous reporting through the GUI.
When an organization is armed with a keeperSAFE with IDMT, hackers must figure out how to jump over new, challenging hurdles when it comes to gaining access to a valuable digital assets. A handful of user credentials won’t get them too far. If they do find a way in, replication and erasure coding guarantee that data is never lost. And there’s no question of what’s been compromised; the details are all right there in the metadata.
Through the effective data governance that is visible through KeeperSAFE’s robust GUI, Sony and the DNC would have identified unauthorized access immediately. They would have known precisely what files were touched, when, and by whom. Imagine how differently their data breach scenarios would have unfolded with no data losses, no information leaks… and no press conferences.