On the latest episode of 60 Minutes, Steve Kroft dove into North Korea's cyber attack on Sony Corp (ADR) (NYSE: SNE) last winter.
Kroft interviewed FireEye Inc (NASDAQ: FEYE) Chief Operating Officer Kevin Mandia -- the California-based IT company was hired by Sony to "clean up" the aftermath of the attack in December.
Below are 13 key quotes from the interview:
1. Kroft: "The cyber attack on Sony Pictures Entertainment exposed a new reality: You don't have to be a super power to inflict damage on U.S. corporations."
2. Mandia on the aftermath of the Sony attack, when the company went off the grid: "Immediately employees start to remember the things they took for granted. Does the gate let you in the garage? You can't get your email. People's benefits can't be processed appropriately. Time cards can't be done...There are so many things that depend on the Internet, that quite frankly, most companies don't know all of them until they come off the Internet and go -- 'Oh, wow! Didn't see that coming.'"
3. Mandia on Sony's attackers: "We had the malware from the attacks that happened in South Korea in 2013, and these things when put side by side looks like whoever hacked South Korea [then] is hacking Sony. The attribution in those attacks was to North Korea."
Related Link: 30 Cybersecurity Stocks In A Dangerous Digital World
4. Mandia: "Sony scares CEOs. Right, that's the difference. Every CEO is walking around, going, 'How do I feel if my emails were out on the Internet? How would I feel if my machines got disrupted?' All of a sudden, every Chief Information Security Officer is talking to the Board, because every Board wants to know: Is this the new normal?"
5. Kroft: "Mandia says even big corporations with sophisticated IT departments are no match for the dozens of countries that now have offensive cyber war capabilities."
6. Mandia: "All advantage goes to the offense in cyber. It just does. On the defensive side, you have to say 'I must defend all 100,000 machines, all 50,000 employees.' The offensive side thinks, 'I only need to break into one and I'm on the inside.'"
7. Mandia: "Nation state...hackers target human weakness, not system weakness."
8. Kroft: "There's no shortage of weaknesses. Most companies' employees are allowed to browse online and check Facebook on corporate computers, and many take them home for personal use. All it takes to contaminate a network is for one person to unwittingly access an infected file that looks realistic, like an Adobe Flash Player update, or an email that pretends to be from Apple Support."