The PlayStation company’s newly installed chief security officer, Brett Wahlin, is considering a range of counter-intelligence strategies that could help increase the effectiveness of the anti-fraud measures.
Wahlin, who was hired as Sony’s first security executive six months after the calamitous PlayStation Network hack, believes that the new online threat is organised “agenda driven” groups.
“The types of attacks we see are by groups with social agendas. The methods they use aren’t the same as the state-sponsored guys,” Wahlin said in an interview with Secure Business Intelligence.
“At Sony, we are modifying our programs to deal less with state-sponsored [attacks] and more with socially-motivated hackers. It will be different.”
Now Sony is embarking on an ambitious user-profiling plan in the hope that it will quickly detect any illegal breaches to its internal division.
“We are looking to see if there are there key elements within a person’s interaction with their environment,” Wahlin said.
“That could be interaction with badging systems, with telephones – when and who do they call – and with systems like browser habits and applications used. All these things allow us to set up a pattern for users, so when something different happens we can respond.”
This complex user information streams, the theory goes, would be automatically analysed and abnormal activity will be flagged.
“If we detect unusual activity, it may be that someone’s been owned by a Trojan that we don’t know about, and we can stop data flying out the door,” he added.