Sony Faces Cyber-attack

By Author: eccuni
Total Articles: 211
Comment this article

Popular websites and networks are favorite targets of cybercriminals. Attackers not only gain instant publicity, but also extract privileged customer and business information. The extracted information could Sony is still investigating the attack, which forced the company to take Sony PlayStation Network (PSN) and Qriocity services offline last week. The services are used by over 75 million people worldwide. While PlayStation provides online gaming, Qriocity offers audio and video services for Sony devices. Security professionals of the company are investigating the attack. The company had initially referred to the attacks as an external intrusion attempt.

Information security professionals of the company are revamping the network infrastructure to strengthen defenses against intrusion attempts. The company has not disclosed whether any user related data has been compromised. The information may include personal information such as name, age, contact details and financial information such as credit card numbers. Information security is crucial for continued trust of customers. Last month's data breach at Epsilon has ...
... affected millions of customers worldwide. Customers, whose e-mail addresses were exposed, are receiving several phishing e-mails. IT professionals may update themselves on latest threats and data protection mechanisms by participating in webinars, training programs and undertaking online university degree courses.

Anonymous group was in the news for launching distributed denial-of-service attacks on Sony's servers earlier this month. The group has denied responsibility for the new set of attacks. Threats to network security may be active or passive. Both internal and external factors may pose threat to network security. Cyber-attacks result in disruption of regular services and adversely affect the business of the company. Hiring experienced IT professionals qualified in masters of security science, penetration testing and network security administration may help in understanding the network security environment, identification of threat vectors and security tools required to remediate the flaws.

Attackers may also target specific individuals of the company through social engineering attacks to compromise their computer systems, and gain access to other computers in the network. Therefore, organizations must create awareness among employees on social engineering threats such as spear phishing, impersonation as peers, fake online accounts on social media sites through huddle sessions and e-learning programs. Employees could be encouraged to undertake online degree courses on cyber security to inculcate safe computing practices.

Network security must be evaluated at regular intervals to identify and mitigate weaknesses. Network administrators must also keep track of security advisories to identify and apply necessary patches.