Sunday, May 22, 2011

Sony Gets Hacked Again

By: Kareem Ali

Sony got their PSN service up again last week, after about a month of making repairs to their network that were supposed to increase security. However, Sony is still facing attacks they can’t seem to keep up with or defend against.

First off, Sony left a gaping hole in their security when they put the PSN back on-line. Although they forced users to change their passwords before being able to log on to the service, they only asked users to supply their birthdate and email address in order to change them. Those two pieces of information were taken in the first PSN/Qriocity breach, so the jerk-asses who stole the information in the first place could easily go in and start changing users’ passwords to whatever they wanted through the PSN account recovery website. Thankfully Sony reacted quickly and shut down the website, so now the only way to change your PSN password is through your console.

It’s good that Sony reacted quickly to patch the hole, but really? After a month of intense security auditing, no one caught that? I guess it’s forgivable, but I would’ve hoped Sony had hired a couple of pen test teams to check every single security hole, both physical and digital. I know they were in a rush to restore service, but I think users would’ve waited another week for Sony to go really deep and check everything out before risking millions of their users’ data online again. What with them knowing they’re a target and all.

And that’s not all…

According to recent reports, Sony’s So-net (an ISP subsidiary of Sony) was attacked as well. Attackers got in and stole about $1,200 worth of gift points from 211 users’ accounts. 128 of those accounts had their points redeemed, while another 73 accounts were just owned and not used. Along with those 211 accounts, another 90 email accounts at So-net were compromised.

According to Sony, there is no evidence that any personal data was viewed or stolen. However, they discovered the breach on the 18th and found that the attack had started two days earlier, on the 16th. So there really is no telling how many accounts were compromised or what data was taken and viewed, seeing as by the time they found it the hacker could have covered most of their traces pretty well.

The crazy thing to me is how the attacker got in: sheer brute force. Apparently the hacker used a good old dictionary-password-generator script to hit the So-net point service site 10,000 times, all from the same IP address. It’s kind of mind-boggling that So-net could be hit with 10,000 password attempts over two days without any red flags going off.
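As an added illustration (not part of the original post, and not So-net’s code), here is the sort of per-IP failed-login counter that would have raised a red flag long before 10,000 attempts. The log format, the sample lines and the thresholds are all constructed for this example; it also flags a successful login that follows a burst of failures from the same address, which is the moment a guessed password actually pays off.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample auth log (not So-net data): timestamp, source IP, account, result.
# The first host spray-tries several accounts; the second is an ordinary user who mistyped once.
SAMPLE_LOG = """\
2011-05-16T02:00:01 10.0.0.7 user123 FAIL
2011-05-16T02:00:02 10.0.0.7 user123 FAIL
2011-05-16T02:00:02 10.0.0.7 user124 FAIL
2011-05-16T02:00:03 10.0.0.7 user125 FAIL
2011-05-16T02:00:03 10.0.0.7 user126 FAIL
2011-05-16T02:00:04 10.0.0.7 user127 OK
2011-05-16T02:00:05 192.0.2.9 alice FAIL
2011-05-16T02:05:00 192.0.2.9 alice OK
"""

THRESHOLD = 5                   # failed logins per source IP ...
WINDOW = timedelta(minutes=10)  # ... inside this sliding window raise an alert

def parse_line(line):
    ts, ip, account, result = line.split()
    return datetime.fromisoformat(ts), ip, account, result

def detect_bruteforce(log_text, threshold=THRESHOLD, window=WINDOW):
    """Return {ip: alert} for every source IP whose failures reach the
    threshold inside the window. Each alert records when it first fired,
    how many distinct accounts were tried (a spray signature), and any
    account that logged in successfully from that IP after the alert."""
    recent = defaultdict(deque)   # ip -> timestamps of failures still in the window
    tried = defaultdict(set)      # ip -> distinct accounts attempted
    alerts = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, ip, account, result = parse_line(line)
        if result == "OK":
            if ip in alerts:      # success after a burst: likely a guessed password
                alerts[ip]["success_after_alert"].append(account)
            continue
        q = recent[ip]
        q.append(ts)
        tried[ip].add(account)
        while q and ts - q[0] > window:   # drop failures older than the window
            q.popleft()
        if len(q) >= threshold and ip not in alerts:
            alerts[ip] = {"first_alert": ts.isoformat(),
                          "accounts_tried": len(tried[ip]),
                          "success_after_alert": []}
    return alerts
```

Feeding real logs through `detect_bruteforce` and paging on any non-empty result is the whole alert; the window and threshold are the knobs to tune against a site’s normal failure rate.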

Sony is saying that they don’t believe the latest attack has anything to do with the PSN attack last month, but I disagree. Sony has made themselves a target by showing the hackers and cybercriminals out there that they have weak security. These people (hackers and cybercriminals) are not stupid, and they will dig and dig through all of Sony’s websites and online services or anything related. The idea being that if a service as valuable to the company as PSN can be owned so easily, Sony’s other sites must just be wide open, especially during these incredibly distracting times for the company. It was, by Sony’s own admission, Anonymous’ fault that PSN got owned in the first place, not because they did it, but because they distracted Sony enough to allow the attack to happen. There is no way Sony can deal with all these new distractions and keep all their online assets safe, so I would assume the attacks will continue.
