In an interview with CBS’s 60 Minutes, former hacker and now VP of antivirus software maker Cylance, Jon Miller warned that there are thousands of individuals capable of launching a cyber attack on the scale of last year’s attack on Sony.
Miller told the programme that “There are probably a couple thousand, three, four, five-thousand people that could do [the Sony] attack today. Not all of them are in friendly countries and the number is growing rapidly.”
The Sony attack was one of the largest in history and exposed huge amounts of corporate and personal data. According to Miller, the tools required to conduct such an attack are readily available for purchase for around $30,000.
In 2013, the PlayStation Network was hacked, reportedly costing Sony around $170 million. According to Jim Lewis of the Center for Strategic and International Studies, last year’s breach will cost Sony around $100 million. This isn’t as much as the PlayStation attack because it didn’t contain customer details, but there is speculation that Sony employees could bring law suits against the company as huge caches of personnel information were exposed.
These figures are just estimates, but they highlight the scale of damage a cyber attack can do to a large organisation. If you look at it from a simple ROI perspective, there may be plenty of people willing to pay a hacker and buy them the shiny tools they need to conduct such an attack – it won’t cost them much, and the results could be astonishing.
The question is: how badly would a similar attack affect your business?
At IT Governance, we help businesses create robust cyber defences. One of our areas of expertise is the international cyber security standard, ISO 27001. It advocates the implementation of an information security management system to protect the confidentiality, integrity and availability of information throughout the business.
Learn more about ISO 27001 and how it is fast becoming the world’s premier cyber security standard by downloading our free green paper today >>