Christmas, a time of peace and love. Christmas, the season of new movies and many of the major Hollywood studio releases. But this year for Sony Pictures, Sony’s entertainment company, Christmas has been anything but peace and love.
Let’s briefly review the events of the last few weeks. Sony Pictures was going to release a movie, ‘The Interview’, a comedy about an assassination attempt on the North Korean dictator. But in a case where real life trumps fiction, a group of hackers (allegedly at the behest of the North Korean government) broke into the company’s computer systems and took control of all the computers (when they arrived at the office, employees had a message from the hackers on their screen). During the attack they stole confidential information such as several unreleased movies, plans for new projects, acquisitions and products, emails and personal information of employees. The hackers’ threat was to the point that if they released the movie in theaters something equivalent to 9/11 in theaters would happen (not sure what that means). The major movie theater chains in the United States decided not to show the film and Sony canceled the release.
All this for a movie? There is clearly an attack on freedom of expression, and the President of the United States himself has already commented that Sony should not give in to terrorists and has decided to put North Korea on a list of countries that support terrorism. But the situation is more serious than it seems from what you see.
The physical world is increasingly controlled by systems and this case raises bigger concerns. Although many people find the topic of cybercrime exciting and don’t give it much thought imagine instead of Sony it is an airline. Instead of using bombs to shoot down airplanes the same can be achieved by remotely hacking into the plane’s systems. Iran’s nuclear program was delayed for several years by a computer virus (Stuxnet) supposedly created by the US government in conjunction with the Israeli government.
We have to change. This is today’s crime, very real and probably the most dangerous. And if there is already some concern about it, there must be clear prevention measures, response processes and legislation with adequate penalties. These types of criminals must have penalties that reflect the seriousness of the crimes and companies must be responsible for having adequate security measures in place. There are no impenetrable systems but most companies do not invest enough in security. Sony itself has been successfully attacked several times in the past and is suspected of still not having the levels of security it should.
All of us as users cannot ‘wash our hands’ either. We have to change our mindset and start to understand that privacy and confidentiality are increasingly difficult to maintain. What is in digital format has the great risk of becoming public in the future and maybe we should take that into account every time we write an email.
The Sony Pictures case will still be talked about in the coming weeks and unfortunately don’t expect it to be the only one in the near future. The new war is being fought in cyberspace and we must prepare to face it.