When will the nightmare end for Sony Pictures Entertainment? It seems that nearly every day some new detail surfaces as part of the massive cyber-attack the company has recently suffered. Nothing is safe: executives’ emails, employees’ personal information, details on upcoming projects and even films themselves have all been released by hackers whose true identities remain unknown.
The cyber-criminals, incongruously calling themselves the “Guardians of Peace,” even threatened theaters planning to screen Sony’s film The Interview and the threats have worked – Sony cancelled the film’s planned release on Christmas Day after many theaters refused to show it. Because The Interview deals with the fictitious assassination of a real-life dictator – North Korea’s Kim Jong-un – that hermit nation has been named by the Federal Bureau of Investigation (FBI) as the top suspect in the attacks.
So raw is the damage that it is probably too early to speculate on the total costs of the incursion, but one expert wrote in The Hollywood Reporter that those “will run into tens or perhaps hundreds of millions of dollars.”
Of course, while the Sony hack – and the inner workings of Tinseltown it has revealed – may make for riveting news items, the impacts of cybercrime extend much farther. In fact, recent polling suggests it has hit home for almost half of us. According to The Wall Street Journal and NBC News, about 45 percent of Americans reported that either they themselves or someone in their household had been told they were a victim of a data breach. The notification that their personal information had been compromised could have come from their financial institution, their credit card company or a retail store where they recently shopped.
This data shows just how pervasive these attacks have become. Retail stores and financial institutions have been hit with recent high-profile breaches. Hack attacks at Target and Home Depot affected 40 and 56 million customers, respectively. Even more staggering was the hit on J.P. Morgan Chase, which compromised information on some 83 million personal and small business accounts.
It doesn’t have to be this way. There are ways security can be improved and customer information protected. The stakes are even higher during the holiday shopping season. A truly collaborative approach is needed to protect all Americans while they engage in the commerce that powers our country’s economic engine.
No particular tactic will be able to stop any and all cyber-attacks, but communication between all stakeholders will be key. Merchants, banks and card companies – as well as the government – all have a role to play in maintaining a safe electronic payment environment for consumers. The companies in the private sector certainly realize that keeping their customer data safe is in everyone’s best interest. The government wants to ensure safety for its citizens against cyber-threats, whether they come foreign belligerents like North Korea or from within the United States.
Mutual trust and open lines of communication will help all sides work toward this common goal. Companies should set aside concerns about interacting with their competitors or with the government and commit to a multidirectional flow of information, intelligence and best practices.
This approach is a likely path to concrete initiatives that will step up security across the board. For example, the federal government plans next year to switch over to using payment cards which contain an embedded microchip and require the use of a personal identification number (PIN) – reportedly a more secure type of card. These new cards will be in increased use in the private sector as well, hopefully cutting down on data breaches.
If all sides commit to fighting cybercrime – and outright cyber-warfare – as part of a team effort, we can work to stop hackers from ruining future holiday seasons.