Internet Security, Lessons Learned From Sony

|

What’s happened to Sony has been extremely costly. Millions of users’ account information including credit card numbers stolen and the Playstation network crippled. Millions in revenue lost not to mention a crisis of customer trust. It’s still not clear who’s the culprit. Sony has indirectly accused the hacktivist group Anonymous who deny responsibility.

This incident shows that in an age where more and more products and services are dependent on technology, companies, individuals, and governments need to be ever more vigilant against malicious crackers/black-hat hackers. This means constantly testing vulnerabilities against exploits and making sure to practice best security practices. One doesn’t even need to know the difference between Java and Python to be able to crack or attack websites. There are free, open-source software available on websites, hacker forums, and torrents for script kiddies (pejorative term used by real hackers to denote noobs) to cause mayhem and destruction.

The Sony incident also shows that withholding or delaying information concerning user privacy and data is bad policy. Companies should be early and proactive in informing their customers of security breaches or potential data leaks. We’ve all heard of the stolen laptop, the password unprotected server, the hacked database. It’s like delivering bad news to a close friend. Would you rather have him/her hear it from you or see it on the front page of the New York Times?