Skip to main content

The Globe and Mail

Sony breach moves cybercrime into new realm of attacks

Workers remove the poster for "The Interview" from a billboard in Hollywood, California, December 18, 2014 a day after Sony announced it had no choice but to cancel the movie's Christmas release and pull it from theaters due to a credible threat.

VERONIQUE DUPONT/AFP/Getty Images

Sony Corp.'s decision to pull a motion picture release in response to retaliatory terror threats represents an alarming development in the seemingly unstoppable cybercrimewave that has engulfed the world, security experts say.

The Sony situation "is a new and very devastating breach type," said Ray Boisvert, former assistant director of intelligence with the Canadian Security Intelligence Service. He said the threat shows the widespread impact cybercriminals can have. "We need to think about this: Have we moved from the age of the breach to the age of obliteration?"

U.S. officials reportedly believe North Korea is behind the attacks on Sony Pictures Entertainment, which started last month when a group calling itself Guardians of Peace released embarrassing e-mails, unreleased scripts, salary details and other corporate information hacked from Sony's computer systems. That escalated to threats of violence and destruction at theatres that screened The Interview, a fictional comedy about the attempted assassination of North Korean leader Kim Jong-un. After several cinema chains said they wouldn't screen the film, Sony pulled the movie a week before its Dec. 25 release date, a costly decision that has drawn criticism from prominent Hollywood and Washington figures. Pyongyang has denied any involvement in what amounts to a cross between cyberterrorism and economic sabotage.

Story continues below advertisement

John Proctor, vice-president of global cybersecurity with Montreal information technology services firm CGI Group Inc., said this is "more of a terror-type event" that runs "completely against the norm of what we see in cyberspace."

Cybercrime typically involves the stealthy infiltration of malicious software into corporate or government computer systems, followed weeks, months or even years later by the electronic extraction of data. These data breaches, including the theft of millions of credit-card numbers from Target and Home Depot, have become pervasive and costly nuisances for companies and government agencies alike, and a source of continual annoyance for individuals who have to constantly change their passwords and sometimes cancel exposed credit cards.

Inadequately prepared data keepers have spent tens of billions of dollars on cyberdefences to counteract increasingly sophisticated cybercriminals. Data raiders have perpetrated more serious breaches, including the theft of health-care and social-security information, state-sponsored cyberespionage and, in some cases, using malware to lock down computers until the owners pay "ransoms" to have them unlocked. But they typically target items of value they can sell illicitly on the black cybermarket, such as batches of credit-card numbers and exploitable bugs in popular computer programs. At the same time, "hactivists," such as those associated with Anonymous, have also been wreaking havoc online.

But the Sony situation and other recent attacks on large corporations are a different breed of attack, allegedly backed by governments in sanctioned states such as Russia, Syria and Iran and seen as a malevolent form of diplomatic payback, said Avivah Litan, a Washington-based cybersecurity analyst with technology research firm Gartner. "This is a whole new form of warfare that wasn't possible a few years ago that makes every private sector company a soldier in this army," she said. "They're not equipped to take on that role."

Some have criticized Sony for being poorly prepared for a cyber attack despite past breaches, and for overreacting after police questioned how credible the violence threat was. But Ms. Litan said the cyberattacks coupled with threats of actual physical violence "takes it to a new level we've never seen before … Every corporation has to be really nervous right now. It's not the last attack we'll see like this."

Steve Weisman, author of Identity Theft Alert and a senior lecturer at Bentley University in Waltham, Mass., said what happened to Sony "is pretty bad but it's not as bad as having the power grid or water systems go down, or the financial system affected. All these things are possible targets of cyberwarfare. This should be a wake-up call for government agencies and private companies."

Report an error Licensing Options
About the Author

Sean Silcoff joined The Globe and Mail in January, 2012, following an 18-year-career in journalism and communications. He previously worked as a columnist and Montreal correspondent for the National Post and as a staff writer at Canadian Business Magazine, where he was project co-ordinator of the magazine's inaugural Rich 100 list. More

Comments

The Globe invites you to share your views. Please stay on topic and be respectful to everyone. For more information on our commenting policies and how our community-based moderation works, please read our Community Guidelines and our Terms and Conditions.

Please note that our commenting partner Civil Comments is closing down. As such we will be implementing a new commenting partner in the coming weeks. As of December 20th, 2017 we will be shutting down commenting on all article pages across our site while we do the maintenance and updates. We understand that commenting is important to our audience and hope to have a technical solution in place January 2018.

Discussion loading… ✨