Sony Pictures’ ‘wipeout’


About Us

SysAdmins creating software for SysAdmins.

Sony Pictures’ ‘wipeout’


Last week Sony Pictures announced that they had been hit by a particularly nasty hacker attack¹, which among other things, stole payroll information, wiped computers clean, and taunted staff with a picture of a skull and a scrolling banner attributing responsibility. This comes in the wake of an attack on Sony’s Computer Entertainment subdivision in 2011 that left their entire online gaming infrastructure unreachable for 6 weeks and cost the company hundreds of millions of dollars.

So why should you care? Because attacks like this are becoming more common, and if you’re in the IT hotseat when it happens you will probably be out of a job, even if it’s just to placate angry shareholders or customers. In a recent interview with Public Radio’s Marketplace news program, Wired reporter Kim Zetter said:

Everyone is going to get hacked. The question is: What is your game plan for dealing with a hack once you discover it? ² 

The question is no longer about how to prevent it, but what to do when it happens. In Sony’s situation the attack was particularly brutal because of the style. Previously most attacks have centered on stealing data or defacing a website. In this case, an additional effect of the attack was to wipe infected computer systems’ harddrives, rendering them useless³. (Thus the name “Wiper Attack”.)

In a situation like this, you are left with two choices: rebuild from scratch or perform bare metal recovery. Hopefully you’ve planned ahead and implemented a backup solution like Storix Software’s System Backup Administrator, which can recover both your data AND the operating system without the need for reinstallation. Otherwise you’re stuck watching kickstart scripts run and then reinstalling any custom software or patches you were using before the attack.

The lesson here: data security and data protection go hand in hand. Keeping the bad guys out is a good start, but you need to also be able to recover data assets quickly if they get in.