索尼影业员工向《财富》匿名披露公司被黑全过程
感恩节之前的那个星期一,我们都照常上班。有些同事来到公司,打开电脑开始工作。大约在上午8点15分,电脑突然黑屏死机。 黑客让整个网络陷入了瘫痪状态,那周剩余的几天,我们基本上都无法工作。不过由于那个星期是假期,这倒也没有太大影响。但事情进展到星期二和星期三的时候,人们已渐渐明白:这并不是一起单纯的黑客行为。 在感恩节期间,我还拿这件事开玩笑来着。大家都以为过段时间工作就能恢复正常,我们还有许多文件要处理,年底之前还有很多工作要完成。 直到第二周的周一周二,我们才意识到事情的严重性。我们被告知,电脑可能需要几个星期才能修复。随着遭窃密的信息被披露,一切就更加明白无疑了。到了周三周四的时候,公司的人开始说:赶快通知银行、修改你的密码、开一个新的支票账户。 我怒不可遏。一旦涉及到个人,这感觉就不一样了:开什么玩笑?周围那些有家室的同事脸上写满了担心,这关系到他们一生的积蓄、养老金和孩子们的未来。 所有这些信息我们都是通过外界博客、网站这些渠道获知的。迈克尔(索尼影业首席执行官)和艾米(公司联席主席)提供的信息反而不多。 公司给每个员工配备了身份保护服务All Clear ID,这是一家安防监控公司的产品,但有些人说LifeLock的保护服务更好,于是我决定自己买一个。每月服务费要29.99美元,但这个钱非花不可。 那个周末,我给自己所有的银行账户、信用卡都设置了警报系统,每笔交易后我都会收到短信,每当要付费时,那些手机应用都会在屏幕上给我推送通知。 我把所有银行和信用卡的密码都换了,一共五个,然后是401(k)退休金账户、医疗保险账户、三个电邮账号和Facebook。还有亚马逊、eBay、PayPal和其他购物网站的密码。加起来大概有25到30个。 几天后,我们用借来的笔记本电脑、笔和纸重新创建PPT和数据库。几乎做生意要用到的一切都得重做:各种Word文档、合同、PDF文件。我们不停手地尽可能做着补救工作。但尽管如此,人们总有几天需要离开办公室处理私人事务。 继而,我还想确保自己不会被莫名扣掉500块钱。我已经决定再也不用公司电脑登陆自己的理财账户。如果要处理某些紧急事情,我会用自己的手机或者回家完成。不值得去冒那个险。 还有些同事有点反应过度,他们甚至更换了自己的护照什么的。对我来说,钱和财产安全是最重要的。 这件事给我敲了一记警钟——我用不用担心有人会盗用我的医保账户?还有,公司高层对于事情的处理令人失望。他们为什么不为员工提供更多的帮助?为什么不聘用网络安全顾问? 所有关于此事的新闻报道里,你都能读到公司员工士气低落,我不想这么说。工作还得继续,但是这件事给人们提了个醒:你该时时注意身后,小心驶得万年船。(财富中文网) *鉴于黑客事件当前的敏感性,此员工姓名已被隐去。 译者:南风 审校:Patti |
The Monday before Thanksgiving, we all came to work. Some people had turned on their computers and were working. At around 8:15 a.m., that black screen of death came on. They shut down the entire network. We couldn’t really work the rest of the week, which seemed OK because it was a holiday week. But as Tuesday and Wednesday progressed, it became clear that this wasn’t a simple hack. Over Thanksgiving, I joked about it. We all thought it might take a while to get our work life back—files, things we have to do before the end of the year. It wasn’t until Monday or Tuesday of the following week when we realized the extent of it. That’s when we got word that it might take weeks to get back up. Things became more clear when it was revealed what information was released. Around Wednesday or Thursday, people started saying: call your bank, change your passwords, set up a new checking account. I was completely irate. Once it got personal, it was just, are you kidding me? Seeing the faces of colleagues with families—they’re worried about their life savings, their retirement funds, their kids. And the blogs were the ones giving us all the information. We got more information from blogs and websites than we did from Michael [Lynton, CEO of Sony Pictures Entertainment] and Amy [Pascal, co-chair of Sony Pictures Entertainment]. The company provided us with All Clear ID, which is a security monitoring firm, but some people said that LifeLock was the way to go, and I decided to get it. There’s a reason you pay [$29.99 a month] for it. That weekend, I set up alerts on all my bank accounts and credit cards. I get a text message about every transaction, and the [smartphone] apps send me notifications on my home screen anytime there’s a charge. I changed every single password. Five for banking and credit cards. Then for my 401(k), health insurance, three email accounts, and Facebook. I changed them for Amazon, eBay, PayPal, and other shopping sites. In all, it was probably 25 to 30. A few days later, we were on loaner laptops, pen and paper, recreating PowerPoints, re-creating databases. All the things you’d need when you’re working on any kind of business deal. Word documents, contracts, PDFs. We chugged along. We did as much as we could. But there were certain days that people had to leave the office to do what they had to do personally. Going forward, I want to know that I won’t get a random $500 charge. I decided that I’m never going to access any of my financial accounts on my work computer ever again. If I need to do something urgently, I’ll use my smartphone, or I’ll go home and do it. It’s not worth the risk. Some people have gone a little overboard, changing their passports and things like that. For me, money and keeping my finances secure is most important. It’s taken a toll, mentally—do I have to worry about someone getting a random medical procedure with my benefits? And there’s the frustration at the way the top top brass handled the situation. Why didn’t they provide more for the employees? Why didn’t they bring in security consultants? You read all these reports about morale being low. I wouldn’t say it’s low. You chug along. But it is like, wow, you always have to look over your shoulder. This is forever. *The employee’s name has been withheld due to the sensitivity of the ongoing situation. |