It’s been a nasty couple of months for Sony, the world’s fifth largest media conglomerate. Sony, Japan’s biggest consumer electronics exporter, was still dealing with the effects of the county’s record March earthquake when it suddenly appeared to become ground zero for a string of cyber attacks. In April, hackers broke into the company’s PlayStation network, grabbing various data from a staggering 100 million user accounts. Sony had been widely criticized for its lack of cyber security, and ended up being called before a Congressional committee to testify on the incident.
And now the company faces more questions after being hit again, this time in an attack supposedly meant to intentionally expose glaring weaknesses in Sony’s data security. Hacker group LutzSec claims to have successfully hacked the user data of 1 million Sony users, though the actual data downloaded ended up being far less than that. The group also is said to have accessed a variety of other supposedly secured data on Sony servers.
Sony’s sad saga is but the latest chapter in what has rapidly become a story of global significance, cyber security, or, more to the point, the lack of it. In the last half of the 20th Century, as digital technology began to find its way into every corner of modern life, relatively little thought was given to security because systems were generally isolated. That all changed with the explosive growth in computer communications and the Internet. The advantages of linking digital systems temporarily blinded commercial, government, and individual users to the real risks inherent in global networking.
Today, with the industrialized world not only being linked, but dependent upon being linked, the level of society’s overall vulnerability is becoming alarmingly clear. The spread of wireless technology and mobile devices has greatly aggravated the situation, resulting in an almost unlimited amount of sensitive data flying through the air, available to anyone who has the right tools. And the tools are increasingly out there, sold online in a growing industry that has proven impossible to stop.
Just as the Internet has changed the world of consumers, industry, and government, it has also changed the world of crime. It may come as a surprise to learn that more money is now stolen from banks electronically than through physical holdups. The government itself has faced a continual barrage of attacks, with some cases resulting in the loss of huge volumes of government data, including attacks believed to be orchestrated by foreign powers. But perhaps the greatest risks relate to the threat against infrastructure. This nation’s electric grid and power stations, for example, have been shown to be especially vulnerable to cyber attack, offering up the very real potential of wide scale and long term blackouts that could essentially shut down large segments of the country’s economy.
The tightening of cyber security will require a massive investment, across all layers of society, an investment that few seem willing to make. So look for more stories like Sony’s, together with a growing number of far more significant incidents, until, as with 9/11, the seriousness of the threat is finally fully recognized. Regardless of how it all plays out, there’s little question that cyber security will remain a center stage issue for the foreseeable future.