Hackers and Sony:
Last Nail in Privacy's Coffin? (Jornal De Negocios, Portugal)
"Although many people find the topic of
cybercrime exciting and consider it to have little relevance, imagine instead that
Sony was an airline. Instead of using bombs to bring down planes the same can
be achieved remotely by breaking into an aircraft's computer system. … We need
to change our thinking and begin to understand that privacy and confidentiality
are increasingly harder to maintain. Any content that has been digitized is at
great risk of becoming known to the public. Perhaps we should take this into
account whenever we write an e-mail. … The
new war is being fought in cyberspace and we need to prepare to face it."
Christmas, season of peace and love; Christmas, a time
of new films and major Hollywood studio releases. This year for Sony Pictures
and the Sony Entertainment company, Christmas had anything but peace and love.
Let’s briefly review the events of recent weeks. Sony
Pictures was due to release a movie, The
Interview, a comedy about an attempt to assassinate the North Korean
dictator. In a case where real life surpasses fiction, a group of hackers
(supposedly at the behest of North Korea) broke into the company's computer
system took control of its network (when employees arrived at work there was a message
from the hackers on their screens). During the attack, confidential information
such as films yet to be released, plans for new projects, acquisitions and
products, e-mails and personal employee data was stolen. The threat from the hackers
reached a point in which theaters were warned that something equivalent to September
11 would happen on cinemas (it isn't clear what that meant). The largest U.S.
cinema chains decided not to screen the film and until Sony changed its mind, Sony
cancelled its release.
And all this for a movie? This is obviously an attack
on free expression, and the president of the United States himself already
stated that Sony shouldn't give in to terrorists and has decided to put North
Korea on the list of state sponsors of terrorism. However, the situation is
more serious than it seems because of what's on the horizon.
The physical world is
increasingly controlled by systems - which in this case raise broader concerns.
Although many people find the topic of cybercrime exciting and consider it to
have little relevance, imagine instead that Sony was an airline. Instead of
using bombs to bring down planes the same can be achieved remotely by breaking
into an aircraft's computer system. Iran's nuclear program was delayed for
several years due to a computer virus (Stuxnet) supposedly created
by the U.S. and Israeli governments.
We have to change. This crime is happening today, is very
real and likely to be extremely dangerous. And if there is now some concern
about the topic, there is a need to take clear prevention measures, develop
processes to respond and create legislation with the appropriate penalties. Penalties
for this class of criminals should reflect the severity of their crimes.
Meanwhile, companies have to be held responsible for taking sufficient security
measures. There are no impenetrable systems, but most companies do not invest
enough in security. Sony itself has already been successfully attacked several
times and it is still suspected of lacking the necessary security.
Meanwhile, all of us, as users, cannot just “wash our
hands.” We need to change our thinking and begin to understand that privacy and
confidentiality are increasingly harder to maintain. Any content that has been
digitized is at great risk at some time in the future of becoming known to the
public. Perhaps we should take this into account whenever we write an e-mail.
The case of Sony Pictures will be spoken about in the
coming weeks and unfortunately we can count on more such cases in the near
future. The new war is being fought in cyberspace and we need to prepare to
face it.
