Recently a new cyber crime story gets reported every week. This week’s news on cybercrime is about an attack at Sony Pictures Entertainment, among other problems making movies publicly available, and creating substantial damage.
An important aspect of most cyber crime is the fact that hacks usually cannot be attributed to the real source. Just because a computer was attacked by another computer, maybe in North Korea or maybe somewhere else doesn’t confirm the real source. That computer may itself be an innocent victim and may have been used by another computer in some other part of the world. There can be a chain of tens and more computers. Even aunt Emma’s computer may be part of such a chain. Therefore it is a very bad idea for most people to start counterattacking cyber criminals by themselves.
This attack is different from old fashioned cyber-crime in what it tries to do. It is not simply stealing some money were the loss of the victim matches the gains of the criminal; it is not simply leaking credit card numbers. The loss to Sony is “strategic”: The loss for Sony isn’t what is gone and has been stolen. The loss in this case is directly hurting Sony in its ability to do further business. As of today, such crimes are common place in newspaper talk about state-actors, cyber-“terrorism” and in hype like cyber-“war”. What is new and unusual here is that such losses are inflicted on normal, commercial business enterprises.
Adding several layers of protection could significantly minimize the risk of such attacks. Obfuscation of your code as provided by White Hawk Software can be one of these protective layers.
For more about this incident see:
- http://www.newsday.com/entertainment/movies/fbi-investigating-sony-pictures-hack-1.9672119 (link removed)
- When you are hacked, instead hacking back, please report the crime to http://www.ic3.gov