Wednesday, May 25, 2011

Sony - Another Day, Another Breach

Sony has unfortunately been in the headlines lately for the wrong reasons. The consumer electronics/media giant has been under savage attack lately by persistent hackers. Sony made the headlines after hackers managed to attack the Playstation Network and other online entertainment services with account details of 100 million users last month. Following that, Sony has made periodic announcements of other breaches. They include the recent breaches at the Greek, Thai and Indonesian units of Sony. And hot off the presses is the news that Sony Canada has been the victim of cyberattacks. If a strong brand like Sony has fallen victim to such a sustained series of attacks, then lesser brands with less resources are at the mercy of attacks and may not even be aware of it. Cyberattacks can come in many forms and oftentimes the victims are not even cognizant of it. It reminds me of the data breach of the Australian government by unknown assailants. The Americans informed the Aussies that the government systems and emails were hacked into.

The key takeaway is that data security cannot be taken for granted and rather simple steps like requiring logins using security tokens can prevent phishing attacks. Stronger forms of two-factor authentication, that go beyond one-time passwords, like challenge-response-based logins also help mitigate Man-in-the-Middle type of attacks. Companies have to impose stronger security, but also have to keep in mind that ease of use is just as important. Software tokens and especially mobile tokens help bring convenience and usability to stronger authentication.

No comments:

Post a Comment