DOCSLIB.ORG

Cybersecurity Cybersecurity

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cybersecurity Cybersecurity Issue: Cybersecurity Cybersecurity By: Pat Wechsler Pub. Date: February 1, 2016 Access Date: September 27, 2021 DOI: 10.1177/237455680203.n1 Source URL: http://businessresearcher.sagepub.com/sbr-1775-98146-2715384/20160201/cybersecurity ©2021 SAGE Publishing, Inc. All Rights Reserved. ©2021 SAGE Publishing, Inc. All Rights Reserved. Can businesses protect themselves from computer crime? Executive Summary As fast as Internet use has grown over the past two decades, so too has the cybersecurity challenge for businesses and governments that are fighting to keep their data and networks safe from intruders. Today, they face an unprecedented assault from a powerful global army of sophisticated, well-organized and well-financed hackers who vigilantly seek vulnerabilities to exploit. In the past couple of years alone, these shadowy figures have stolen personal information on hundreds of millions of U.S. customers and employees and have cost enterprises close to $500 billion. With each new device or product connected to the Internet, the possibility of hackers wreaking economic chaos has grown. Despite the mounting threat, most enterprises have failed to implement the kind of rigorous security protocols necessary to keep out even low-tech efforts to penetrate networks. Among the questions being debated: Are companies responding adequately to cybercrime? Should the United States encourage American companies to “hack back” when they think they've been hacked? Can information sharing between businesses and government help fight cybercrime? Overview Larry Ponemon, who has counseled companies for years on how to protect their data and computer systems, remembers a cybersecurity presentation he made not long ago to a major technology company on areas of risk. “As I wrapped up, some smart aleck—the head of research and development, I think—told me that his company didn't have to worry because ‘our security is as tight as Fort Knox,’ ” the consultant now recalls. “He said, ‘No one—not the Chinese, not the Russians, not the Romanians, nobody—would be able to infiltrate the company's network through the Internet.’ ” A few months later, the company got in touch to let Ponemon know that the smart aleck turned out to be right—no hacker was able to penetrate the system through the Internet. Instead, cyberthieves disguised themselves as outside contractors, walked into the building and proceeded to steal valuable designs and other data off the network. “This wasn't unique,” Ponemon says. “Companies too often think they have it Hackers today are numerous, smart, more organized than ever covered or it will never happen to them.” and, above all else, persistent. (Bill Hinton/via Getty Images) Ponemon tells the story to reinforce one of the major reasons cybercrime is so difficult to combat: Hackers are numerous, smart, more organized than ever and, above all else, persistent. If they can't penetrate the system using one method on a certain day, they simply keep trying until they find a chink in the corporate armor or a time when a company's guard is down. For the past two decades, corporations and governments around the world have been fending off intrusions to their computer networks by shadowy figures that may be working in the office next door or thousands of miles away on another continent. The last 10 years, in particular, have been marked by increasingly large and dangerous data breaches—with cyberthieves making off with valuable proprietary information and data from hundreds of millions of personal accounts on corporate and government networks. While these hacks have caused considerable disruption for the corporate and human victims, cybersecurity experts warn that even more dire, even potentially deadly, consequences may lie ahead as almost every aspect of everyday life—from driving a car to operating the national electrical grid—becomes increasingly linked to the Internet or other large “hackable” systems. 1 The exact dimensions of the economic threat are difficult to quantify. In 2009, security-software seller McAfee warned that the global costs of cybercrime Larry Ponemon: “Companies too often think they have it already had topped $1 trillion a year—a figure used subsequently in speeches covered or it will never happen to them.” (Peter by President Obama and senators on both sides of the aisle. 2 A more Foley/Bloomberg via Getty Images) conservative 2014 estimate from the Center for Strategic and International Studies, a Washington think tank, placed the annual cost of cybercrime between $375 billion and $575 billion, making the economic impact comparable to global drug trafficking. 3 Page 2 of 25 Cybersecurity SAGE Business Researcher ©2021 SAGE Publishing, Inc. All Rights Reserved. Almost 800 U.S. Data Breaches Reported in 2015 Number of U.S. data breaches, 2005–15 Note: “Data breach” is defined as an incident in which an individual's name plus a Social Security number, driver's license number, medical record or financial record is potentially put at risk of exposure, either electronically or in paper format. Sources: Data for 2015 from “Data Breach Reports,” Identity Theft Resource Center, Dec. 31, 2015, p. 4, http://tinyurl.com/p8zuqtp; all other data from “ITRC Breach Statistics 2005-2014,” Identity Theft Resource Center, 2015, http://tinyurl.com/h4nlmqk U.S. businesses, government agencies, schools and other organizations recorded 781 data breaches in 2015, just short of a 10-year high in 2014. Before 2015, the number of breaches had risen for four consecutive years. Health and medical record incidents accounted for two-thirds of breaches in 2015. Still, most agree global cybercrime is escalating with the proliferation of both hackable targets and technically savvy and well-financed hackers. A report by Juniper Research contends costs could reach $2 trillion annually by 2019. 4 Given the increasing sophistication of malware—essentially software designed to disable computer systems—“one of the worries that many of us have in the security industry is the potential for attacks on industrial control systems,” says Ponemon, chairman and founder of the Michigan-based Ponemon Institute, who has served on numerous government and corporate Internet security commissions. “In an attack against a power utility, you could cause a brownout for a few minutes, or if it is done well, it could be for months. Those kinds of attacks used to be the stuff of science fiction movies, but they're real.” The escalation of the cyberwar is linked to the increased organization and cooperation among hackers, many of whom operate out of Russia, Eastern Europe and China. Whereas a couple of decades ago hackers tended to be young computer whizzes working alone in their basements, hackers now are part of well-defined, often global enterprises, similar to the syndicates that participate in drug or arms trafficking. Some have even replicated corporate structures, paying salaries to their army of hackers and creating marketing and customer support teams to sell their malware to other hackers. 5 “Hackers often report to an office every day like the rest of us,” says Alan Brill, a senior managing director at investigative risk-analysis firm Kroll. “And they spend their eight hours searching for vulnerabilities in corporate and governmental computer networks. It's organized and relentless.” Because of the global nature of the enterprise, the complicity of some governments and the sophisticated technology hackers use to cloak IP addresses, authorities in the United States and elsewhere have had only limited success identifying culprits, let alone prosecuting the worst malefactors. “Upwards of 80 per cent of cybercrime acts are estimated to originate in some form of organized activity, with cybercrime black markets established on a cycle of malware creation, computer infection, botnet [networks of infected computers that send out spam and viruses] Page 3 of 25 Cybersecurity SAGE Business Researcher ©2021 SAGE Publishing, Inc. All Rights Reserved. management, harvesting of personal and financial data, data sale, and ‘cashing out’ of financial information,” a United Nations report stated in 2013. 6 Increased organization also has changed the nature of hacks. 7 “Early threats were usually hit-and-run,” Brill says. “Someone broke in, stole something—perhaps a blueprint or a set of documents—and left, attempting to leave behind as little evidence as possible. Today the goal is to remain inside the network for as long as possible without being detected and do as much damage as possible—either stealing information or causing disruption.” This extended, under-the-radar presence is known within the cybersecurity industry as an Advanced Persistent Threat (APT). Originally a strategy of government-to-government cyberespionage, APT denotes both the attacker and technique. The hack follows a pattern: 8 The attackers first research the target organization. They then break into the network using social engineering techniques, such as spear phishing, which involves getting people in an organization to open emails and unknowingly infect the system with malicious software. Next, they attempt to remain undetected in the network while they gather information and assess where valuable data are stored. Finally, the attackers collect the data and extract as much information as possible. Some of the most infamous recent APTs and spear-phishing assaults included the 2014 attack on the computer networks of Sony Pictures Entertainment, which resulted in dozens of terabytes (each approximately a trillion bytes) of confidential information being stolen —including highly embarrassing emails from the division's top executives. 9 Another was the hack of Target Corp.'s computer network in 2013, when spear-phishing emails were sent to a vendor with access to portions of the retailer's network. 10 Attackers stole information from 70 million customer accounts and 40 million credit and debit card numbers. 11 A third APT attack, particularly humiliating for the United States, was against the federal Office of Personnel Management (OPM).
Load more

Recommended publications
  • Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress
    Order Code RL32114 Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress Updated January 29, 2008 Clay Wilson Specialist in Technology and National Security Foreign Affairs, Defense, and Trade Division Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress Summary Cybercrime is becoming more organized and established as a transnational business. High technology online skills are now available for rent to a variety of customers, possibly including nation states, or individuals and groups that could secretly represent terrorist groups. The increased use of automated attack tools by cybercriminals has overwhelmed some current methodologies used for tracking Internet cyberattacks, and vulnerabilities of the U.S. critical infrastructure, which are acknowledged openly in publications, could possibly attract cyberattacks to extort money, or damage the U.S. economy to affect national security. In April and May 2007, NATO and the United States sent computer security experts to Estonia to help that nation recover from cyberattacks directed against government computer systems, and to analyze the methods used and determine the source of the attacks.1 Some security experts suspect that political protestors may have rented the services of cybercriminals, possibly a large network of infected PCs, called a “botnet,” to help disrupt the computer systems of the Estonian government. DOD officials have also indicated that similar cyberattacks from individuals and countries targeting economic,
    [Show full text]
  • Attribution and Response to Cybercrime/Terrorism/Warfare Susan W
    Journal of Criminal Law and Criminology Volume 97 Article 2 Issue 2 Winter Winter 2007 At Light Speed: Attribution and Response to Cybercrime/Terrorism/Warfare Susan W. Brenner Follow this and additional works at: https://scholarlycommons.law.northwestern.edu/jclc Part of the Criminal Law Commons, Criminology Commons, and the Criminology and Criminal Justice Commons Recommended Citation Susan W. Brenner, At Light Speed: Attribution and Response to Cybercrime/Terrorism/Warfare, 97 J. Crim. L. & Criminology 379 (2006-2007) This Symposium is brought to you for free and open access by Northwestern University School of Law Scholarly Commons. It has been accepted for inclusion in Journal of Criminal Law and Criminology by an authorized editor of Northwestern University School of Law Scholarly Commons. 0091-4169/07/9702-0379 THE JOURNALOF CRIMINAL LAW & CRIMINOLOGY Vol. 97. No. 2 Copyright 0 2007 by NorthwesternUniversity. Schoolof Low Printedin U.S.A. "AT LIGHT SPEED": ATTRIBUTION AND RESPONSE TO CYBERCRIME/TERRORISM/WARFARE SUSAN W. BRENNER* This Article explains why and how computer technology complicates the related processes of identifying internal (crime and terrorism) and external (war) threats to social order of respondingto those threats. First, it divides the process-attribution-intotwo categories: what-attribution (what kind of attack is this?) and who-attribution (who is responsiblefor this attack?). Then, it analyzes, in detail, how and why our adversaries' use of computer technology blurs the distinctions between what is now cybercrime, cyberterrorism, and cyberwarfare. The Article goes on to analyze how and why computer technology and the blurring of these distinctions erode our ability to mount an effective response to threats of either type.
    [Show full text]
  • The Rhetorical Reduction of the 13Th World Festival of Youth and Students
    DOCUMENT RESUME ED 353 623 CS 508 052 AUTHOR Van Mersbergen, Audrey TITLE The Rhetorical Reduction of the 13th World Festival of Youth and Students. PUB DATE Oct 92 NOTE 44p.; Paper presented at the Annual Meeting of the Speech Communication Association (78th, Chicago, IL, October 29-November 1,1992). PUB TYPE Reports Research/Technical (143) Speeches /Conference Papers (150) EDRS PRICE MF01/PCO2 Plus Postage. DESCRIPTORS Foreign Countries; Higher Education; *Ideology; *Mass Media Role; Media Research; News Media; *News Reporting; Students; Youth IDENTIFIERS Festivals; *Media Coverage; Media Government Relationship; North Korea; *Rhetorical Stance; Youth Participation ABSTRACT This paper examines ways in which the magnitude and critical import of the Thirteenth World Festival of Youth and Students (a week-long festival held approximately every four years, where tens of thousands of young people gather in the name of peace and friendship) was "distorted, diminished and suppressed" by coverage in the mainstream United States press. The paper first examines the history of the festival movement and how it has come to exist in its present form, and then considers the concept of historiography and the extent of its relevancy. An account of what actually took place at the festival is offered next, followed by a contrasting account of the festival as it was depicted in the mainstream press. This critique examines several national United States newspapers and periodicals, and shows how the festival was discussed in terms of peripheral elements (the North Korean political regime) and how its multifarious dimensions were transformed into homogenous and oversimplified categories. Lastly, the paper explicates the critical aspects of ideology and how ideology functions as a determinate factor in producing perspectives, particularly the perspectives of the mainstream press.
    [Show full text]
  • What Every CEO Needs to Know About Cybersecurity
    What Every CEO Needs to Know About Cybersecurity Decoding the Adversary AT&T Cybersecurity Insights Volume 1 AT&T Cybersecurity Insights: Decoding the Adversary 1 Contents 03 Letter from John Donovan Senior Executive Vice President AT&T Technology and Operations 04 Executive Summary 05 Introduction 07 Outsider Threats 15 Looking Ahead: Outsider Threats 16 Best Practices: Outsiders 18 Insider Threats 24 Looking Ahead: New Potential Threats 25 Looking Ahead: Emerging Risks 26 Best Practices: Malicious Insiders 27 Best Practices: Unintentional Insiders 28 Moving Forward 32 Conclusion 33 Know the Terms For more information: Follow us on Twitter @attsecurity 35 End Notes and Sources Visit us at: Securityresourcecenter.att.com © 2015 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T Globe logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies. The information contained herein is not an offer, commitment, representation or warranty by AT&T and is subject to change. 2 ATT.com/network-security Business leader, Welcome to the inaugural issue of AT&T Cybersecurity Insights, a comprehensive look at our analysis and findings from deep inside AT&T’s network operations groups, outside research firms, and network partners. This first issue, “Decoding the Adversary,” focuses on whether or not you and your board of directors are doing enough to protect against cyber threats. Security is not simply a CIO, CSO, or IT department issue. Breaches, leaked documents, and cybersecurity attacks impact stock prices and competitive edge. It is a responsibility that must be shared amongst all employees, and CEOs and board members must proactively mitigate future challenges.
    [Show full text]
  • Sample Iis Publication Page
    https://doi.org/10.48009/1_iis_2012_133-143 Issues in Information Systems Volume 13, Issue 1, pp. 133-143, 2012 HACKERS GONE WILD: THE 2011 SPRING BREAK OF LULZSEC Stan Pendergrass, Robert Morris University, [email protected] ABSTRACT Computer hackers, like the group known as Anonymous, have made themselves more and more relevant to our modern life. As we create and expand more and more data within our interconnected electronic universe, the threat that they bring to its fragile structure grows as well. However Anonymous is not the only group of hackers/activists or hacktivists that have made their presence known. LulzSec was a group that wreaked havoc with information systems in 2011. This will be a case study examination of their activities so that a better understanding of five aspects can be obtained: the Timeline of activities, the Targets of attack, the Tactics the group used, the makeup of the Team and a category which will be referred to as The Twist for reasons which will be made clear at the end of the paper. Keywords: LulzSec, Hackers, Security, AntiSec, Anonymous, Sabu INTRODUCTION Information systems lie at the heart of our modern existence. We deal with them when we work, when we play and when we relax; texting, checking email, posting on Facebook, Tweeting, gaming, conducting e-commerce and e- banking have become so commonplace as to be nearly invisible in modern life. Yet, within each of these electronic interactions lies the danger that the perceived line of security and privacy might be breached and our most important information and secrets might be revealed and exploited.
    [Show full text]
  • Unification Church of the United States - Wikipedia, the Free Encyclopedia
    Unification Church of the United States - Wikipedia, the free encyclopedia https://en.wikipedia.org/w/index.php?title=Unification_Church_of_th... Unification Church of the United States From Wikipedia, the free encyclopedia The Unification Church of the United States is a new religious movement in the United States of America. It began in the 1950s and 1960s when missionaries from Japan and South Korea were sent to the United States by the international Unification Church's founder and leader Sun Myung Moon. It expanded in the 1970s and then became involved in controversy due to its theology, its political activism, and the life style of its members. Since then it has been involved in many areas of American society and has itself gone through substantial changes. Contents 1 Early history 2 Political involvement The New Yorker Hotel, 3 Criticism, opposition, and controversy purchased by the Unification 3.1 "Moonie" Church of the United States 4 Changes in the 1980s, 1990s, and 2000s in 1976 and now the site of 5 Church presidents national church headquarters 6 Military service offices. 7 Neologisms 8 References 9 External links Early history In the late 1950s and early 1960s Unification Church missionaries were sent from South Korea and Japan to the United States in order to establish the church there. Among them were Young Oon Kim, Sang Ik-Choi, Bo Hi Pak, David S. C. Kim, and Yun Soo Lim. Missionary work took place in Washington D.C., New York, Oregon, and California.[1] The church first came to public notice in the United States after sociology student John Lofland studied Young Oon Kim's group and published his findings as a doctoral thesis entitled: The World Savers: A Field Study of Cult Processes , which was published in 1966 in book form by Prentice-Hall as Doomsday Cult: A Study of Conversion, Proselytization, and Maintenance of Faith.
    [Show full text]
  • Cyber Warfare a “Nuclear Option”?
    CYBER WARFARE A “NUCLEAR OPTION”? ANDREW F. KREPINEVICH CYBER WARFARE: A “NUCLEAR OPTION”? BY ANDREW KREPINEVICH 2012 © 2012 Center for Strategic and Budgetary Assessments. All rights reserved. About the Center for Strategic and Budgetary Assessments The Center for Strategic and Budgetary Assessments (CSBA) is an independent, nonpartisan policy research institute established to promote innovative thinking and debate about national security strategy and investment options. CSBA’s goal is to enable policymakers to make informed decisions on matters of strategy, secu- rity policy and resource allocation. CSBA provides timely, impartial, and insight- ful analyses to senior decision makers in the executive and legislative branches, as well as to the media and the broader national security community. CSBA encour- ages thoughtful participation in the development of national security strategy and policy, and in the allocation of scarce human and capital resources. CSBA’s analysis and outreach focus on key questions related to existing and emerging threats to US national security. Meeting these challenges will require transforming the national security establishment, and we are devoted to helping achieve this end. About the Author Dr. Andrew F. Krepinevich, Jr. is the President of the Center for Strategic and Budgetary Assessments, which he joined following a 21-year career in the U.S. Army. He has served in the Department of Defense’s Office of Net Assessment, on the personal staff of three secretaries of defense, the National Defense Panel, the Defense Science Board Task Force on Joint Experimentation, and the Defense Policy Board. He is the author of 7 Deadly Scenarios: A Military Futurist Explores War in the 21st Century and The Army and Vietnam.
    [Show full text]
  • Cyberattack Attribution
    CYBERATTACK ATTRIBUTION A BLUEPRINT FOR PRIVATE SECTOR LEADERSHIP RESEARCH FELLOWS SENIOR RESEARCH FELLOWS Justin Collins Allison Anderson Cameron Evans Stacia Lee Chris Kim Kayley Knopf FACULTY LEAD Selma Sadzak Jessica Beyer Nicholas Steele Julia Summers Alison Wendler This report is a product of the Applied Research Program in the Henry M. Jackson School of International Studies at the University of Washington. The Applied Research Program matches teams of top-achieving Jackson School students with private and public sector organizations seeking dynamic, impactful, and internationally-minded analyses to support their strategic and operational objectives. For more information about the Applied Research Program please contact us at [email protected]. Executive Summary After three decades of development, adoption, and innovation, the Internet stands at the core of modern society. The same network that connects family and friends across the world similarly ties together all aspects of daily life, from the functioning of the global economy to the operation of governments. The digitization of daily life is the defining feature of the 21st century. While the pervasiveness of Internet-enabled technology brings significant benefits, it also brings serious threats—not only to our economy and safety, but also to our trust in computer systems.1 The Internet is central to modern life, yet major state-sponsored cyberattacks persist in disrupting Internet access and function. These attacks undermine faith in government and public trust in democratic institutions. Attribution attempts to date have been unable to deter states from building malicious code for even greater destructive capabilities. In response, we propose the formation of an attribution organization based on international private sector coordination.
    [Show full text]
  • Bank & Lender Liability
    Westlaw Journal BANK & LENDER LIABILITY Litigation News and Analysis • Legislation • Regulation • Expert Commentary VOLUME 17, ISSUE 6 / AUGUST 1, 2011 Expert Analysis Once More Into the Breach: Are We Learning Anything? By Cynthia Larose, Esq. Mintz Levin Cohn Ferris Glovsky & Popeo I’m a guy who doesn’t see anything good having come from the Internet. … [The Internet] created this notion that anyone can have whatever they want at any given time. It’s as if the stores on Madison Avenue were open 24 hours a day. They feel entitled. They say, “Give it to me now,” and if you don’t give it to them for free, they’ll steal it. –Sony Pictures Entertainment CEO Michael Lynton, May 14, 20091 How ironic. This comment two years ago by Lynton created a minor firestorm and drove him to post a lengthy rebuttal on The Huffington Post,2 but at the time, Lynton was referring to content piracy, not data breaches. Given the events since Sony’s massive data breaches in April3 (and subsequent breaches in May and June), he might as well as have been referring to user informa- tion held by Sony and its various properties. As a matter of fact, the Sony Pictures hackers said, “Sony stored over 1 million passwords of its customers in plain text, which means it’s just a matter of taking it.”4 Since the April PlayStation Network breach that exposed more than 100 million user accounts, Sony has been hacked more than 10 times. Sony Europe,5 Sony BMG Greece,6 Sony Thailand,7 Sony Music Japan8 and Sony Ericsson Canada9 all suffered some intrusion and compromise of user information.
    [Show full text]
  • Lezione 2 Cenni Storici Sviluppo Di Software Sicuro (9 CFU), LM Informatica, A
    Lezione 2 Cenni storici Sviluppo di software sicuro (9 CFU), LM Informatica, ! ! 2"2"#2"2$ Dipartimento di Scienze Fisic&e, Informatiche e Matematiche Universit' di Modena e Re))io *milia http+##we,la,!ing!unimore!it/people#andreolini#didattica#sviluppo-software-sicuro 1 Quote of t&e da/ (Meditate, )ente, meditate!!!) “If history repeats itself, and the unexpected always happens, how incapable must Man be of learning from experience.” 0eor)e Bernard S&aw (1234 – 193") Scrittore, drammatur)o, lin)uista, critico musicale utore de “Il Pigmalione8 2 Sir John mbrose Fleming (12:9-$9:3) (;he electrical en)ineer and ph/sicist) Inventore, in)e)nere, radiotecnico, elettrotecnico! Inventore del diodo e della valvola termoionica! Consulente (fra le altre) della Marconi <ireless ;ele)rap& Compan/! 3 Jo&n Nevil Mas>el/ne ($2?9-$9$@) (;he ma)ician) Mago. Inventore del ,agno pu,,lico 6a )ettone8! Fondatore del 6Comitato Occulto8 (antesi)nano dellBodierno CIC 7)! 1903: Mas>elyne rovina una dimostrazione pu,,lica del tele)rafo 6sicuro8 senza Cli (svolta da Flemin))! (iesce ad inviare insulti in codice Morse!.. 4 Eni)ma (1924) (;&e encr/ption#decr/ption machine) Macc&ina elettro-meccanica usata per cifrare e decifrare messa))i! Usata dalla <e&rmac&t durante la Seconda Guerra Mondiale! Considerata indecifrabile per lun)o tempo! 5 rthur Scher,ius (12@2-$929) (LBinventore di *nigma) In)e)nere tedesco! 1918: ,revetta Eni)ma (macc&ina cifrante ,asata su rotori)! 1926: la Marina Militare tedesca adotta una variante di Eni)ma per le sue comunicazioni cifrate! 6 LBEnigma militare (LBinventore di *nigma) Uso di un pannello di controllo ag)iuntivo (detto 6plu),oard”) per offuscare ulteriormente il processo di cifratura.
    [Show full text]
  • The 2014 Sony Hack and the Role of International Law
    The 2014 Sony Hack and the Role of International Law Clare Sullivan* INTRODUCTION 2014 has been dubbed “the year of the hack” because of the number of hacks reported by the U.S. federal government and major U.S. corporations in busi- nesses ranging from retail to banking and communications. According to one report there were 1,541 incidents resulting in the breach of 1,023,108,267 records, a 78 percent increase in the number of personal data records compro- mised compared to 2013.1 However, the 2014 hack of Sony Pictures Entertain- ment Inc. (Sony) was unique in nature and in the way it was orchestrated and its effects. Based in Culver City, California, Sony is the movie making and entertain- ment unit of Sony Corporation of America,2 the U.S. arm of Japanese electron- ics company Sony Corporation.3 The hack, discovered in November 2014, did not follow the usual pattern of hackers attempting illicit activities against a business. It did not specifically target credit card and banking information, nor did the hackers appear to have the usual motive of personal financial gain. The nature of the wrong and the harm inflicted was more wide ranging and their motivation was apparently ideological. Identifying the source and nature of the wrong and harm is crucial for the allocation of legal consequences. Analysis of the wrong and the harm show that the 2014 Sony hack4 was more than a breach of privacy and a criminal act. If, as the United States maintains, the Democratic People’s Republic of Korea (herein- after North Korea) was behind the Sony hack, the incident is governed by international law.
    [Show full text]
  • Paradise Lost , Book III, Line 18
    _Paradise Lost_, book III, line 18 %%%%%%%%%%%%%%%%%%%%%%%% ++++++++++Hacker's Encyclopedia++++++++ ===========by Logik Bomb (FOA)======== <http://www.xmission.com/~ryder/hack.html> ---------------(1997- Revised Second Edition)-------- ##################V2.5################## %%%%%%%%%%%%%%%%%%%%%%%% "[W]atch where you go once you have entered here, and to whom you turn! Do not be misled by that wide and easy passage!" And my Guide [said] to him: "That is not your concern; it is his fate to enter every door. This has been willed where what is willed must be, and is not yours to question. Say no more." -Dante Alighieri _The Inferno_, 1321 Translated by John Ciardi Acknowledgments ---------------------------- Dedicated to all those who disseminate information, forbidden or otherwise. Also, I should note that a few of these entries are taken from "A Complete List of Hacker Slang and Other Things," Version 1C, by Casual, Bloodwing and Crusader; this doc started out as an unofficial update. However, I've updated, altered, expanded, re-written and otherwise torn apart the original document, so I'd be surprised if you could find any vestiges of the original file left. I think the list is very informative; it came out in 1990, though, which makes it somewhat outdated. I also got a lot of information from the works listed in my bibliography, (it's at the end, after all the quotes) as well as many miscellaneous back issues of such e-zines as _Cheap Truth _, _40Hex_, the _LOD/H Technical Journals_ and _Phrack Magazine_; and print magazines such as _Internet Underground_, _Macworld_, _Mondo 2000_, _Newsweek_, _2600: The Hacker Quarterly_, _U.S. News & World Report_, _Time_, and _Wired_; in addition to various people I've consulted.
    [Show full text]