How can big companies fight hackers?

Features
By published

As Sony finds itself on the receiving end of a hacking campaign, just what problems are big companies facing in this area and what can they do about it? Simon Brew takes a look.

Leaving aside the ramifications of Sony and the PlayStation Network though, there's another significant problem the firm faces in the midst of hacking attacks: just what can it do? How can you defend yourself as a large organisation when a small group of unidentifiable individuals decide to target your website?

By the very nature of being a big company, you leave gaps and smaller groups are far more nimble at exploiting them than a large firm is at covering them up. It takes more than a busy IT department putting fingers in the appropriate dams.

Even appreciating in many countries the legal argument was on its side, how do you begin tracking down a group like Anonymous? Was there a ringleader it could find? Was there any guarantee Sony could find them and take action against them? What if they were in a country where jurisdiction differed? Heck, who exactly is a member of the group and how can you be sure you've got their true identity?

It takes more than a busy IT department putting fingers in the appropriate dams

These are not easy questions to answer and Sony knew it because even if things went its way, it would take months to execute any kind of proper, effective action. That's if the legal system was working at anything approaching decent speed.

Furthermore, even if it managed to get something done, then Sony ran a very real risk others would take up the mantle. Basically, by fixing what it saw as the immediate problem, it risked making the problem worse. At the very best, it knew it was an impossible PR battle to win, with a David and Goliath scenario being portrayed. At worst, that PR battle would turn into something far trickier to deal with.

It's an experience many other big companies will be looking at nervously. Anonymous alone has targeted the likes of the Bank Of America and YouTube. Worryingly, these are the hacking attacks we've found out about and the ones where there was an intended public impact.

So what about the ones off-radar? Anonymous may be high profile, but most hackers aren't. It's only a year since McAfee was saying "we have never ever, outside of the defense industry, seen commercial industrial companies come under that level of sophisticated attack," in response to major hacks on the likes of Google and Adobe.

Also techniques increasingly allow hackers to cover their steps. There's a mantra of sorts in security circles if a proficient hacker doesn't want to be found, then they absolutely won't be.

Simon Brew
Female job candidate with short hair participating in a video call interview while using AI tools on small tablet device out of view of the recruiter.

‘If you want to look like a flesh-bound chatbot, then by all means use an AI teleprompter’: Amazon banned candidates from using AI tools during interviews – here’s why you should never use them to secure a job
Jeremy Fleming, former head of GCHQ, onstage with Haider Pasha, chief security officer, EMEA & LATAM at Palo Alto Networks at Ignite London 2025.

Businesses must get better at sharing cyber information, urges former GCHQ chief
A Dell Inspiron 14 AI PC pictured inside a Best Buy store on Black Friday in Pinole.

AI PCs are becoming a no-brainer for IT decision makers
See more latest