Sony security a house of cards as more attacks surface
Sony has appeared to be increasingly losing control of its network as reports of new attacks surfaced on Wednesday, bringing the number of known hacks to at least ten. While the biggest remains the attack that shuttered the PlayStation Network for over three weeks, these smaller incidents indicate Sony's security systems may be quite lax.
The latest reports come from three separate Sony sites. Sony confirmed that the names and e-mails of 2,000 customers who had used its Sony Ericsson Canada website had been stolen, and a website in Thailand was shuttered after it was found to be sending fraudulent emails. In Indonesia, Sony's music site was shut down after it was attacked and web access codes stolen there.
Press reports indicate a similar issue may have happened to the Greek version of that music site as well, although there was no official confirmation. Also in the past week, Sony's ISP arm So-net had the e-mail accounts of its users compromised.
While it's unknown at this time whether or not these attacks are coordinated or related, the frequency of its occurence and relative success indicates Sony is suffering from a serious problem when it comes to its online security. But where does that blame fall?
While it's easy to target the company's IT department, the real crisis may be at the top. Sony CEO Sir Howard Stringer took the unusual step during the height of the PSN breach of becoming defensive over claims that his company moved too slow to protect user data.
"[He] seems to be agitated by questions about Sony's sluggish response. He would be well-served by simply absorbing the criticism and articulating the concern Sony had for its system and accounts," Jason Maloni said at the time, who is senior vice president at crisis management firm Levick.
Stringer's position now seems ill-advised considering the problem now appears to not be just in the PSN servers, but on web servers owned by the company worldwide. In the end, many would argue that is a leadership issue more than just a technological one.
"It makes little sense to hurry to stand in a room and yell 'can I have everyone's attention' and not have something helpful and definitive to say after that," Maloni said.
So thus the question now becomes, can Sir Howard Stringer himself be the next card to fall? If Sony can not get control of its online security -- and quick -- the biggest casualty of this debacle may be the chief executive of Sony itself.