The crippling and embarrassing cyberattack on Sony Pictures Entertainment by North Korea in retaliation for the satirical film it made about its leader Kim Jong-un is a bad omen, say security advisers. Given the current security levels for most companies, 90 percent of them would be vulnerable to such an attack, which destroyed 3,000 computers and 800 servers and made Sony Pictures' most sensitive information and proprietary content open to anyone who looked for it. It represents a troubling new phase of cyber warfare in which hackers can harness the resources of a nation to target individual American companies. Steve Kroft looks at the Sony attack in his report, as well as similar nation-on-corporation attacks which security consultants say will increase. His report will be broadcast on 60 Minutes Sunday, April 12 at 7 p.m. ET/PT.
"There are probably a couple thousand, three, four, five-thousand people that could do [the Sony] attack today," says former hacker Jon Miller, now VP of Strategy at Cylance, a company that creates anti-virus software that he says could have stopped the Sony incursion. "Not all of them are in friendly countries and the number is growing rapidly," he tells Kroft. Cyber weapons would be a potent weapon in the hands of terrorists, he says, pointing to the fact that sympathizers of the Islamic State of Iraq and Syria have already committed acts of cyber-vandalism against the U.S. Central Command. "ISIS hacked CENTCOM's Twitter... the barrier to entry is low," says Miller.
In fact, any security system is as strong as its weakest human link says Kevin Mandia the SVP-COO of FireEye, in his first interview since his cybersecurity firm began helping Sony. "The advantage goes to the offense in cyber," he says. The defense must defend every computer, thousands in some cases, but "the offense side thinks, 'I only need to break into one and I'm on the inside.'...Nation-state threat actors, or hackers, target human weakness, not system weakness," says Mandia. The Internet is the usual path of attack and nearly every company allows its employees access to it. One wrong click by one employee can lead to an attack that brings down the entire system.
Hacking attempts and actual incursions are common, but rarely do more than steal information or temporarily disrupt service. The North Korean attack on Sony was different. Instead of just spying on and stealing information from Sony, it destroyed their data and their machines in a vengeful attack, then released stolen information to the media. Says Mandia, "Sony scares CEOs...all of the sudden, every chief information security officer is talking to their board...every board wants to know: Is this the new normal?'"
Miller says the most frightening aspect of these attacks is that some of the computer exploits needed to wage them - like those used by North Korea - can be purchased on the Internet from the likes of Russian hackers for about $30,000. The unregulated nature of the Internet is what makes it all possible. "It truly, truly is the Wild West right now," he tells Kroft. "What we're seeing are people getting pulled out onto the street and shot and it's like 'Where's the sheriff?' There's no sheriff," says Miller.