Cyber Crime: ‘Sony yet to fully secure its networks’
Sony Corp’s computer networks remain vulnerable to attack.
BOSTON:
Sony Corp’s computer networks remain vulnerable to attack three weeks after the company learned that it had been victim of one of the biggest data breaches in history, according to an Internet security expert. The expert found a handful of security flaws in Sony’s networks while remotely studying its systems via the Internet to see how difficult it would be to penetrate the electronics giant’s systems in the wake of the attacks. Security researcher John Bumgarner discovered a potential bonanza for hackers by using little more than a web browser, Google’s search engine and a basic understanding of Internet security systems. Sony did not respond directly to Reuters on the security lapses that Bumgarner said he had uncovered, but three of five flaws that Reuters pointed out to the company on Thursday were fixed later in the day.
Published in The Express Tribune, May 15th, 2011.
We also must account for all of the implications of compromised user identities. If the only protection against access-point fraud is a segregation of duties in the enterprise resource planning (ERP) system, then a cybercriminal can easily steal the requisite number of user log-ins and generate a payment to a fraudulent vendor.
After all, why steal data that you have to sell to make money when you can directly steal money? All of our systems must be resilient; we have to protect the data and the money.