Major corporate hacking incidents seem to be everywhere lately, but the increased profile of the problem doesn’t necessarily mean we’re getting better at addressing them.
The Federal Bureau of Investigation withheld information from Sony (SNE) as both organizations worked to respond to the November cyber attacks on Sony Pictures, according to a report in the Wall Street Journal. The FBI didn’t advise Sony on how to respond to the hack, and when the National Organization of Theatre Owners approached the Department of Homeland Security for information and advice about the incident, the owners walked away largely empty-handed.
The disarray around the hack led to each stakeholder making high-profile decisions without fully consulting the others: theaters refused to show The Interview, the film fingered by the hackers as offensive; that decision led Sony to delay the film’s release; the White House felt forced to make a statement supporting free speech in response to the delay. All the while, federal officials told theater owners that there was no threat to them even as it admitted that it didn’t know.
The confusion demonstrates that the response mechanism for a high-profile corporate hack—which can span private companies, their partners, and various government agencies—still needs refining.
Clarification, February 23, 2015: An earlier version of this story stated that Sony canceled the release of The Interview. It actually delayed the release after theaters refused to screen the controversial film.