Words About Sony Hack
I don't have a lot to say about the
Sony hack, which seems to still be ongoing. I want to highlight a few points, though.
- At this point, the attacks seem to be a few hackers and not the North Korean government. (My guess is that it's not an insider,
either.) That we live in the world where we aren't sure if any given
cyberattack is the work of a foreign government or a couple of guys
should be scary to us all.
- Sony is a company that hackers have loved to hate for years now. (Remember their rootkit from 2005?) We've learned previously that putting yourself in this position can be disastrous. (Remember HBGary.) We're learning that again.
- I don't see how Sony launching a DDoS attack against the attackers is going to help at all.
- The most sensitive information
that's being leaked as a result of this attack isn't the unreleased
movies, the executive emails, or the celebrity gossip. It's the minutiae
from random employees:
The most painful stuff in the Sony cache is a doctor
shopping for Ritalin. It's an email about trying to get pregnant. It's
shit-talking coworkers behind their backs, and people's credit card
log-ins. It's literally thousands of Social Security numbers laid bare.
It's even the harmless, mundane, trivial stuff that makes up any day's
email load that suddenly feels ugly and raw out in the open, a digital
Babadook brought to life by a scorched earth cyberattack.
These people didn't have anything to hide. They aren't public
figures. Their details aren't going to be news anywhere in the world.
But their privacy has been violated, and there are literally thousands
of personal tragedies unfolding right now as these people deal with
their friends and relatives who have searched and read this stuff.
These are people who did nothing wrong. They didn't click
on phishing links, or use dumb passwords (or even if they did, they
didn't cause this). They just showed up. They sent the same banal
workplace emails you send every day, some personal, some not, some
thoughtful, some dumb. Even if they didn't have the expectation of full
privacy, at most they may have assumed that an IT creeper might flip
through their inbox, or that it was being crunched in an NSA server
somewhere. For better or worse, we've become inured to small, anonymous
violations. What happened to Sony Pictures employees, though, is public.
And it is total.
Gizmodo got this 100% correct. And this is why privacy is so important for everyone.
I'm sure there'll be more information as this continues to unfold.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.