After a slew of recent hackings of major corporations in the past few months, the issue of cyber security has come to the forefront of discussion among those in the business world with the government scrambling to improve its own capabilities to deal with the issue. Sony Pictures, one of the well-known victims, had many private and confidential contracts, salary lists, film budgets and social security numbers leaked due to hackings committed by North Korea in protest of the film “The Interview,” a fictional parody of the country’s dictatorial leader Kim Jong-Un. Reeling from the damage caused by the cyber intrusion, Sony decided to temporarily pull the film, which was budgeted at $44 million, much to the dismay of moviegoers across the country. In addition, Staples, Home Depot and Target all reported having their customers’ credit cards and other payment information compromised as hacking continues to plague large companies.
As these recent events and many more have demonstrated, cyber security is one issue that businesses need to take more seriously if they are to prevent major issues for themselves as well as their customers in the future. With the amount of personal information we have in cyberspace only increasing as more of our lives become integrated online, the risk of theft will only grow. Because customers are entrusting their personal information to companies that conduct business online, it is up to these businesses to make sure that there is adequate protection in place for the consumers. With its own hacking incidents taking place, the government has been vocal about determining an appropriate response to deter such events and prevent them from happening in the future.
Ashton Carter, a nominee for secretary of the Department of Defense, was critical of the government’s actions in light of these hacking issues. Citing the need to “improve our abilities to respond,” he hopes to make hackers more wary of their actions by implementing harsher punishments for and responses to such attacks. However, he was quick to clarify that he was not at liberty to discuss such “responses” so as to prevent any kind of possible counterattacks by cyber criminals. As it stands now, businesses are prohibited from retaliating with “hack backs,” a reaction in which companies attempt to retrieve the stolen information. Instead, they have to rely on the government to dole out punishments either in the form of sanctions or criminal indictments, yet presently many business executives are frustrated with the government’s handling of the situation as of late.
Despite the progress being made with the government admitting the need for more robust cybercrime measures, there is still much work to be done because of debate over exactly which strategy to adopt moving forward. One debate is over the extent to which we should respond to attacks, as such cyber warfare can quickly spiral out of control and get out of hand as the government becomes more of an aggressor in these instances. Additionally, the scope of such defenses needs to be considered not just for the government and the businesses themselves, but also for the nation as a whole. These recent incidents will hopefully serve as examples of what happens when appropriate precautions are not taken for cyber security and how consumers are more vulnerable than ever.