Sony Attack Shows Shifting Online Security Threat

Advertisement
By Associated Press | Updated: 2 January 2015 11:52 IST
The boundary between the online and physical worlds got blurry last week when Sony's PlayStation Network was disabled by an online attack, while simultaneously an American Airlines passenger jet carrying a Sony executive was diverted due to a bomb threat on Twitter.

Experts say that's a wake up call for a world still coming to grips with cyber-security: What goes down online can be equally if not more disruptive in the real world.

(Also see: Sony Says PlayStation Network Back Online, User Data Safe)

Advertisement

What often surfaces from the Internet's underbelly to make headlines are acts that verge on pranks, and the culprits who get caught are the amateurs, such as a teenager in the Netherlands who tweeted a threat to an airline, saying she was part of al-Qaida and was planning to do "something really big."

But that's just the tip of the iceberg of 24-hour criminal action in cyberspace.

Advertisement

The serious players are after much bigger trophies such as wreaking havoc with defense systems and stealing valuable corporate information. The days of computer mischief to say "I was here," common several years ago, are over.

"Professionals are all in it for the money," said William Saito, an entrepreneur and technology expert who advises the Japanese government and teaches at several universities. "The ones that get caught are usually novices, known in the industry as 'script kiddies,' getting caught for the real-world equivalent of shoplifting."

Advertisement

For every "kiddy," there are 10 professionals, he said.

Japan's Capitol Hill, or Kasumigaseki central government, is targeted in cyber-attacks at the rate of one per every six seconds, including viruses, data leaks and unlawful access, according to the Japanese government.

Advertisement

Public awareness of the threats is low.

"Until it happens to them or someone they know, it is not a concern for them," said Curt Esser, a cyber-security expert who heads Esser Consulting in Wisconsin.

"Hackers and cybercriminals keep coming up with new ways to bypass systems, many unimaginable to comprehend ahead of time," said Esser.

The consequences of a successful infiltration into the networks of companies and institutions could be drastic: disrupting power supplies, sending a stock price plunging, immobilizing traffic or even threatening global security.

The problems are rarely allowed to escalate to disruptive levels, but that may simply be sheer luck.

"The threat is real, and few nations are adequately prepared," Ian Wallace, a cyber-security expert at Brookings Institution, a Washington D.C.-based nonprofit organization, wrote recently in the Fletcher Forum of World Affairs.

In the Sony Corp. incident, no personal information was stolen. A 2011 attack had compromised the personal data of 77 million user accounts.

Last week, hackers orchestrated a so-called denial-of-service attack, overwhelming the game network with fake visits so that legitimate users couldn't get through. That kind of attack is not very sophisticated and is more a notoriety play.

The American Airlines flight with six crew and 179 passengers was diverted to Phoenix after a Twitter account called Lizard Squad suggested there was a bomb on the plane. It also claimed responsibility for the online attack.

Timothy Ryan, managing director at New York-based Kroll, which investigates hundreds of cybercrime cases a year for corporate clients, said the greed, maliciousness and other motives have not changed, only the tools.

One person stole an algorithm from the company where he worked to try to start his own company, Ryan said.

Another created a technological "crisis," to get attention to his own skills at "solving" it, in an attempt to save his job while framing an innocent co-worker.

"Motivations have not changed. Humans are humans," he said.

Tracking crimes in cyberspace is extremely difficult because the culprits often zip from server to server, using anonymizing services, to disguise their real whereabouts.

Complicating the investigation further is that sometimes groups are involved, and each participant takes on a stage of a crime, such as credit card fraud, some of them knowing each other only online.

In Japan, the difficulty of tracking the Internet user has led to the arrests of the wrong person, such as a 2012 case of online threats to destroy a shrine and stab its priestesses.

On another front, former National Security Agency contractor Edward Snowden told Wired magazine last month that the NSA had secretly planned a cyberwarfare program, codenamed MonsterMind, that could automatically fire back at cyber-attacks from foreign countries without any human involvement.

Cyber-security firm Mandiant has published detailed research showing that the Chinese military is involved in hacking to steal government, military and corporate information.

Others are activists pushing what they see as a noble cause, such as the U.S. and U.K-based LulzSec hacker collective that grew out of the Anonymous movement and has agitated on behalf of the WikiLeaks online secret-spillers and Occupy Wall Street.

Japanese ruling party lawmaker Takuya Hirai, who oversees information technology, is pushing for legislation, expected to pass soon, to regulate cyber-security in Japan, a nation he acknowledged lagged behind the rest of the industrialized world in that area.

The 2020 Tokyo Olympics are certain to be a target, and that worries Hirai. Preparations must start immediately as hackers may plant a virus now that takes off later like a time bomb.

The 2012 London games were targeted, but damage was minimized only because money was spent to guard against the attacks, he said.

"The skills to hack and to defend against hacking are actually the same. It's the question of whether that person will be Darth Vader or a Jedi," Hirai said.

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: Gaming, Internet, PS4, Sony, Lizard Squad
Advertisement

Related Stories

Popular Mobile Brands
  1. Here's When the Poco M8 Power, Poco X8 Could Launch in India
  2. Airtel Unlimited 5G Data Subscribers Reportedly Cannot Share 5G Data via Mobile Hotspot
  3. Lava Virat V1 5G, Virat V1 Key Specifications Confirmed Before India Launch
  4. OnePlus Exits US, Europe, Continues Operations in India: 5 Things to Know
  5. Redmi Note 17 Pro Global Variant Appears on NBD Database Alongside Poco Model
  6. Oppo K15 Launch Date Confirmed; Key Specifications Revealed Ahead of Debut
  7. Airtel Revises Postpaid Portfolio, Removes Rs. 549 Individual Plan
  8. Pixel 11a Codename Appears in Google's Phone App: Report
  1. Redmi Note 17 Pro Global Variant Reportedly Appears on NBD Database Alongside Poco Model
  2. Google Pixel 11a Codename Reportedly Spotted in Phone App
  3. Huawei Mate XT 2 Leaked Patent Reveals New Tri-Fold Design and Folding Mechanism
  4. Airtel Unlimited 5G Data Subscribers Reportedly Cannot Share 5G Data via Mobile Hotspot: Here's What We Know So Far
  5. Lenovo Legion C700 Teased as a Cloud Gaming Handheld Ahead of August Launch
  6. Marvel's Wolverine Gets New Trailer That Will Play Ahead of Christopher Nolan's The Odyssey in Select Theatres
  7. Airtel Quietly Removes Rs. 549 Individual Postpaid Plan in India; Rs. 699 Plan Becomes Next Upgrade
  8. Poco M8 Power, Poco X8 India Launch Timeline Tipped; Could Arrive as Rebranded Redmi Note 17 Series
  9. Samsung Galaxy S25 Series Could Get Galaxy S26’s Horizontal Lock Camera Feature With One UI 9 Update
  10. Asus Pad India Launch Date Announced as Company Reveals Key Specifications
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.