Sony Pictures Entertainment hack
The 2014 cyberattack on Sony Pictures Entertainment (SPE) sent shockwaves through US national security and foreign policy, US and international media, as well as private enterprises globally. It was the first destructive cyberattack conducted against the US and the first time the US attributed a cyberattack to a foreign government.3 Eventually attributed to North Korea over SPE’s planned release of “The Interview,” a comedy featuring a plot to assassinate North Korea’s leader Kim Jong-un, the SPE attack’s political and economic consequences serve as a powerful example of cyberattacks’ crippling potential.
The Sony case study provides a foundation for which to base your ongoing project on, however you are encouraged to conduct further research to engage with the nuances of the case and to enforce your reasoning.
By considering SONY case study, answer the following questions:
- Identify the threat Sony faced in the 2014 hack, and explain their motives. Explain whether or not you think the aspects of Sony’s sector made it vulnerable to the threat you have identified.
- Offer an explanation of the methods of attack the threat actor employed to breach its cyber security, and justify your reasoning.
- Describe a scenario of what method of attack at least one other type of threat actor could use in the future, and why.
- What types of critical systems, networks, and data would you expect constitute Sony’s information infrastructure?
- Which of these critical assets do you think are the most essential to the organization’s ability to accomplish its mission? Explain why.
- Do you think that the 2014 attack against Sony primarily targeted systems, networks, data, or a combination of all three?
start writing here :
Please note that your answers to the Sony case study will be assessed according to the sound reasoning you have provided for your interpretation of the organization’s critical assets.
(Your answer should be between 800 and 1000 words) and should be written on your own words
- Based on data available, explain the SONY’s governing structure, and its approach to cybersecurity (as detailed in its policies and, where possible, observed in practice).
- Recommend changes that should be implemented and, if applicable, propose a new cybersecurity leadership plan that addresses its shortcomings.
(Approx. 300–400 words)
– Identify SONY’s mission or objective, Identify its motivation for security policy and the security policies they have. Note the security policy includes Enterprise infosec program policy, Issue-specific infosec policies, and Systems-specific infosec policies.
start writing here :