President of Sony Network Entertainment International, Tim Schaaf, testified to the House of Representatives on June 2nd that “Sony Network Entertainment and Sony Online Entertainment have always made concerted and substantial efforts to maintain and improve their data security systems.”
Yet more than a dozen breaches and successful attacks on Sony’s networks have occurred in last two months. Attacks using the same methods to access Sony’s networks multiple times over the past few weeks were conducted immediately in the following days after Tim Shcaaf’s issued statement to congress.
Sony was under intense criticism in April when its PlayStation Network (PSN)/Qriocity service was hacked and the information from millions of user accounts was compromised. Sony did not issue any statement regarding the breach until over a week after they had shut down PSN.
While recovery from that attack has been well underway and improving significantly, other recent breaches in the face of assurances from Sony such as the LulzSec attack and leak of Sony’s Developer Network Source Code have only helped to tarnish their reputation.
Sony is not the only company who has been attacked recently. On Thrusday June 9, Citigroup Bank admitted in a report that the firm was subject to a sophisticated cyber security hacking attack last month.
Google and RSA Security were attacked in March through a highly coordinated and sophisticated attack designed to gain access to resources necessary to breach and attack numerous other targets.
These other attacks came in May, when major U.S. defense contractors Lockheed Martin, Northrop Grumman, and L-3 Communications were all breached, potentially exposing sensitive U.S. military weapons information.
Nintendo was also recently hacked on June 5th, but claims no damage was done and no customer data was lost.
More and more cyberattacks in increasingly greater amplitudes of sophistication and damage have prompted the U.S. Department of Commerce to release a 75-page report advocating new and improved cybersecurity measures.
The report details a continued role for government in ensuring cybersecurity interests while promoting private innovation in design and concept. The full report can be accessed through the National Institute of Standards and Technology website.