The widely-reported cyber attack on Sony Pictures Entertainment that compromised emails written by the movie and television company’s leaders and personal information of employees took another turn Friday when the FBI publicly held North Korea’s government responsible for the hack.
As covered on our sister site ExecutiveGov, the bureau said it traced the malware, lines of code and other cyber tools used for this attack to others the U.S. government believes North Korea adopted for a March 2013 attack against banks and media outlets in South Korea.
One talking point that has emerged from the incident’s fallout is the potential implications for how federal agencies approach cybersecurity in an environment that contains many types of threats from hacktivist organizations and nation-state actors, among others.
In a report for CNN, Chris Frates and Curt Devine cited a White House report that found the federal government saw 61,000 cyber attacks and security breaches in 2013.
The Government Accountability Office says the number of cyber incidents at government agencies increased 35 percent between 2010 and 2013, according to CNN.
A Nextgov story on federal cybersecurity posted Thursday said that among agencies with intellectual property, the Defense Department spent $7 billion on cyber in fiscal year 2013, the Energy Department invested $218 million, the Patent and Trademark Office set aside $163 million, the National Science Foundation allocated $150 million and NASA put $86 million into cyber programs.
In the wake of the Sony hack and surrounding discussions the incident has spurred, ExecutiveBiz reached out to several GovCon industry leaders for their perspective on what the sector and agencies can learn from the attack on Sony to shore up federal cyber defenses.
The responses GovCon executives offered us in our conversations ranged from recommendations on how to approach federal cybersecurity to the steps companies can take before and after an incident if one occurs.
“The lessons to be learned from the attack on Sony Pictures are many, but perhaps the most important is that the threat of a destructive and costly cyber attack is no longer a threat, but is reality,” said Bill Varner, president and chief operating officer of ManTech International’s mission, cyber and intelligence solutions group.
“The fact that a nation state feels sufficiently emboldened to launch an attack against an American corporation — although cyber attribution is difficult so we may never know the origin of the attack with 100% certainty — significantly raises the bar for the cybersecurity industry as well as everyone who uses the Internet.”
Sol Cates, chief security officer at Vormetric, recommended agencies increase usage of privileged user controls in their information technology environments and emphasize encryption, access controls and data access monitoring.
“If the security controls on Sony’s servers had included encryption with access controls they probably would not have had critical data wiped or new film information prematurely leaked.”
Joel Bagnal, president and chief operating officer at Las Vegas-based professional services firm The Goyak Group, pointed to partnerships between government and industry as tools that can help gain an advantage in cyberspace.
“Entities must establish relationships with law enforcement before breaches so they will know how to implement immediate remediation after a breach,” Bagnal said.
Bill Jaffe, an executive vice president and general manager at TAPE, said his firm has instructed employees not to write email messages with content they would not feel comfortable seeing disclosed to the public, as was the case with the Sony incident.
“That has served us well, because no e-mail communications are really safe.”