Safeguarding against Cyberattacks

Sony Pictures Entertainment decided to cancel the Christmas release of their new film, “The Interview,” after a group calling themselves “Guardians of Peace” hacked the company’s database and threatened acts of terror on the U.S. if the movie was screened theatrically. While the case is still under investigation, federal officials believe that North Korea is behind the massive cyberattack and the subsequent warning regarding the film’s exhibition, as the controversial comedy centers on a pair of journalists who are asked to assassinate the country’s leader, Kim Jong Un.

On December 18, Sony released the following statement:

"In light of the decision by the majority of our exhibitors not to show the film The Interview, we have decided not to move forward with the planned December 25 theatrical release. We respect and understand our partners’ decision and, of course, completely share their paramount interest in the safety of employees and theater-goers. Sony Pictures has been the victim of an unprecedented criminal assault against our employees, our customers, and our business. Those who attacked us stole our intellectual property, private emails, and sensitive and proprietary material, and sought to destroy our spirit and our morale – all apparently to thwart the release of a movie they did not like. We are deeply saddened at this brazen effort to suppress the distribution of a movie, and in the process do damage to our company, our employees, and the American public. We stand by our filmmakers and their right to free expression and are extremely disappointed by this outcome."

Amid growing concerns about privacy invasion in America, The Doctors are joined by cyber security expert Gary Miliefsky to discuss strategies for preventing financial and medical information from being leaked online.

Miliefsky says the Sony breach is the second largest in cyber history and is expected to cost the company more than $100 million in damages. While regularly changing passwords can help reduce the risk of being victimized by a cyberattack, Miliefsky says this precautionary measure is only effective to a certain extent.

“We all install apps on our devices that we don’t know where they come from, whether it’s China, Russia or other countries. We automatically trust them, not knowing what permissions and privacy we’re giving up,” he says.

Miliefsky adds that people should always use credit cards instead of debit cards when shopping online, as credit card companies offer better protection against identity theft. He also says using PayPal can be risky, particularly if it is linked to a consumer’s bank account.

Regarding the protection of patients' medical records in the digital age, Miliefsky explains that hospitals and insurance companies are not adequately equipped to handle information leaks. “Ten percent of Americans have had medical record breaches — over 34 million Americans, and most of them don’t even know it this year,” he says. “[Hackers] want to monetize you, and medical records are worth ten times more than a credit card.”

ER physician Dr. Travis Stork inquires about the efficacy of using retinal and palm scans to help prevent hospital records and equipment itself from being hacked. Although these high-tech security methods could be beneficial in some cases, Miliefsky views them as potentially precarious.

“I think it’s risky to give up your two thumbs and your eight fingers because you only have 10 of those identifiers. If they get stolen, you can’t change them,” he says. “I think the better thing to do is to use two-factor authentication and encryption. If hospitals start getting proactive, they’ll encrypt all of our information."

 

Related:

Please help keep the community civil. The Doctors moderates this forum and all comments must follow TheDoctorsTV.com Community Guidelines and New Terms of Use . The Doctors reserves the right to use the comments you submit in whole or in part, and to use the commenter’s name and location, in any medium. Note that DISQUS operates this forum and you must log-in or register with DISQUS to participate.