In the most recent James Bond film, Skyfall, released in 2012, the story line focuses around a breach of security at MI6 which results in malware infecting the network and the main villain, Raoul Silva, being freed from custody to wreck havoc on London. Last week Sony Pictures revealed details of the next instalment of the James Bond franchise, Spectre, which will be released in November 2015. You'd be forgiven in thinking that this represented a good week for the studio - unfortunately it wasn't.
A few weeks ago it was revealed that Sony themselves had been a victim of a cyber-attack from a group called The Guardians of Peace. The group took to social media, using the hashtag #GOP to highlight their actions as well as threatening the company that if they didn't comply with their demands they would release confidential information they had obtained via the initial attack. This week they made good on their threat, exposing personal details on employees and actors including their salaries.
Nobody yet knows the origins of the Guardians of Peace. Some have speculated that the source of the attack was from North Korea although there has been little evidence to substantiate this. One more probable theory was that the attack came from a similar source as that portrayed in Skyfall - the unintentional downloading of malware from an external source such as a USB drive.
Back in 2012, ZDNet reported an attempted cyber-attack on multinational chemical firm DSM. The modus operandi in this instance was to deliberately leave infected USB sticks in the car parks of the firm's offices and hope that the curious nature of the finders would lead to the spyware being installed on the company's network.
Unfortunately, trying to prevent such attacks is a massive headache for firms, irrespective of their size and IT security budget. Even the most robust networks can be breached by someone inadvertently using an infected network device such as a USB drive. The only real preventative action a company can take is to educate their staff.
The results of a successful attack are not just counted in terms of cleaning up an IT infrastructure - there is also the brand reputation that may need to be repaired. Speed is of the essence in re-acting to any such incident. The use of social media monitoring enables a firm to very quickly ascertain what is being written and talked about on social media, and thus prepare the right response.
Any Director of Communication will tell you that being in control of a situation is key when a crisis hits. A brand protection strategy should be as much about being proactive in dealing with reputational issues as defensively monitoring the internet. It is not something that should be left to chance or when the worst does happen to a firm.