"This is punishment," says Josh Corman, a security analyst for the 451 Group, about the monthlong string of attacks against Sony websites. "Ideologically motivated adversaries show how tenacious and lengthy an attack can be. They will take it further than anyone would expect and do it longer. This is a bludgeoning."
That is very different from how a typical attackers motivated by profit would work. Once financially motivated attacks are detected, they can be shut down and vulnerabilities can be repaired and the attack will likely be finished, he says.
BACKGROUND: PlayStation Network hack timeline
But when the goal is punishment for perceived wrongs, attackers keep on trying with whatever tools they have available, Corman says -- an entirely different beast that calls for new thinking. "I can almost guarantee that as part of their threat model, most organizations lack a plan for dealing with an ideologically motivated adversary," he says.
Businesses need to ask whether they could fall victim of such punishment attacks, he says. "If the answer is yes, run scenarios and adjust your countermeasures."
Actions such as shutting down websites -- something Sony has resorted to -- might not have been on the list before, but may belong there now, he says.
If businesses use cloud services or Web hosts, they should insist on contract language that guarantees an emergency hotline that can shut down the services immediately. Delays shutting down a Gmail account led to the theft of 70,000 emails from HBGary Federal.
Business should also have a plan for running servers in a way that is less functional but also less attackable, he says. Customers may not be able to do everything they could before, but at least business can proceed.
If a business has angered adversaries to spark such attacks, the technical defensive arsenal should be expanded to include social methods. Find out what set them off and take steps to defuse the motivation, Corman says. The initial Sony attack has been linked to what some say was a heavy-handed Sony legal response to a gamer jailbreaking PlayStation 3 and posting a how-to on the Internet.