The destructive cyber-attack on Sony Pictures late last year being blamed on North Korea has already cost the Japanese giant an estimated $15m to investigate and remediate, according to the firm’s latest financials.
Sony released forecasted financial results for the third quarter and a revised consolidated forecast for the fiscal year ending 31 March.
Referencing its California-based entertainment business, it said the “serious disruption of its network and IT infrastructure as a result of a cyber-attack” meant Sony Pictures Entertainment had been unable to close its third quarter financials on time.
It added:
“The current quarter is expected to include approximately 15 million U.S. dollars (1.8 billion yen) in investigation and remediation costs relating to the above-mentioned cyber-attack.”
It’s possible, of course, that Sony Pictures could suffer further costs in the future as a result either of legal action by employees whose data was exposed in the attack, or from damage to its brand and reputation.
Chris McIntosh, CEO of security and comms firm ViaSat UK, argued that any outlay on new technology to prevent breaches in the future must be accompanied by a similar commitment to improving staff awareness and security training.
“Yet even with all the education in the world, there is still the chance of human error. Businesses must also take steps to limit the potential impact that employee actions such as sharing passwords; losing laptops, USB sticks and other hardware; or simply clicking on the wrong link can have,” he added.
“In the best case, sensitive information should be deleted when no longer needed or at the very least encrypted. Only then will organizations like Sony be assured that when the next, inevitable cyber-attack happens the damage to their reputation can be limited.”
As if this wasn’t a big enough blow for the movie giant, it was alleged on Wednesday that a possible second ongoing attack on Sony Pictures may have occurred in late 2014.
US security firm Taia Global claimed in a report, The Sony Breach: From Russia, No Love, that Russian hackers sent spearphising emails to Sony employees in Russia, India and other parts of Asia, successfully infiltrating the network with a RAT.
“Sony Pictures Entertainment remains in a state of breach and is actively losing files to Russian mercenary hackers,” the report claims.