Hackers cause Sony major financial, reputational damage

June 8, 2011, University of Notre Dame

Information security expert John D’Arcy, assistant professor of information technology management at the University of Notre Dame, says this week’s hacking attack on Sony Corp. is yet another example of the significant information security threat that affects almost all businesses.

The group of hackers, which calls itself “LulzSec,” posted Sony network plans and code, the latest in a string of attacks in the last few months. In April, the Japanese technology and media giant was forced to shut down servers that hosted its PlayStation Network service after it was discovered that it had been hacked and the personal information of 100 million customers had potentially been stolen.

“It seems Sony has become the laughing stock of the hacking community,” D’Arcy says. “Sony’s damages total more than $172 million, which really speaks to the fact that security is no longer simply a technical issue that should be delegated to IT personnel. It has become a general business and risk management matter that should concern management at top levels of the organization.

“Right now, is suffering from major financial and reputational damage,” he says. Moreover, as expressed in the hackers’ messages, there is little that can be done by law enforcement and the FBI to help with the situation. Given the ease and anonymity with which these hacks can be conducted, as well as jurisdiction issues that prevent U.S. law enforcement from pursuing certain international hacking groups, it is likely that the bad guys will remain in the driver’s seat for the foreseeable future.”

D’Arcy conducts research on and computer ethics. In recent papers, he has examined the effectiveness of procedural and technical security controls in deterring computer abuse. His research also investigates individual and organizational factors that contribute to end user security behavior in the workplace.

Explore further: ND Expert: WikiLeaks points out danger of insider threats to information security

Related Stories

Hackers claim another Sony attack

June 7, 2011

Hackers claimed to have staged another attack on Japanese electronics giant Sony, publishing online a file containing source code for the Sony Computer Entertainment Developer Network.

Hackers turn PlayStation into pay station

May 10, 2011

In late April, a hacker crippled Sony’s PlayStation Network by stealing the names, home addresses and perhaps even the credit card numbers of some 70 million subscribers, who play and download games through the online ...

Understanding the social side of cyber-security issues

May 4, 2011

When Engin Kirda started focusing on cyber-security research 10 years ago, those primarily responsible for launching Internet attacks were teenagers out for kicks, he said. But the scope of threats existing through the Web ...

Recommended for you

What do you get when you cross an airplane with a submarine?

February 15, 2018

Researchers from North Carolina State University have developed the first unmanned, fixed-wing aircraft that is capable of traveling both through the air and under the water – transitioning repeatedly between sky and sea. ...


Adjust slider to filter visible comments by rank

Display comments: newest first

1 / 5 (1) Jun 08, 2011
Sony will be all right as long as it keeps producing the Sony Rolly.

Roll on dudes.
not rated yet Jun 08, 2011
And nobody wants to see any connection to the activities of the RIAA.
1 / 5 (1) Jun 09, 2011
Well, it is like a Libertarian "friend" of mine who worked as an officer at the Libertarian Competitive Enterprise Institute, told me some years ago.

In America is is illegal and immoral to do anything that reduces a corporation's profits.
1 / 5 (1) Jun 09, 2011
Let's not forget that Sony hacked many thousands of its customers' computers with the rootkit it put on its music CDs, and each instance was a criminal act for which it wa never held to account.

It also hacked all its customers' Playstation 3s when it modified their firmware to eliminate their ability to boot Linux, which was a supported feature and selling point of these systems.

Sony was completely incompetent in its computer security over its own computers holding its customers' information. If it had been responsible and competent, this would not have happened.
not rated yet Jun 09, 2011
At least this should be a wakeup call for buisinesses to treat computer security with the respect it deservs.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.