PlayStation Network Intrusion: Everything You Need to Know

77 million. The figure is repeated through the media in the last week, a sophisticated attack on the security of Playstation Network compromise the information of all its users. Nobody could suspect the past day 20, when the network was disconnected without notice, which was behind more than the maintenance referred to by the message of the day.

People started to smell fishy few days later. Soon confirmed the unthinkable: Sony had been one of the most notable security breaches in the recent history of electronic entertainment, so that few dared to predict the consequences.

The issue has not left the information stream a single day. Today still kicking even more embarrassing, with the confirmation that Sony Online Entertainment has also had to be closed it up attacks (a priori independent of those before us) that have pledged 24.6 million accounts worldwide. 12,700 credit card numbers and nearly 11,000 records of customers' bank accounts in Spain, Germany, Holland and Austria would hold those responsible for this intrusion, which has affected 174 Spanish users.

The very same United States Congress has been quick to intervene in the matter (like many other institutions and government agencies) by providing the very president of Sony, Kazuo Hirari, a list of questions concerning the identity of the attackers, exact date and intrusion if at this stage there is credible evidence of theft or bank.

Sony has already stated at length yesterday at a press conference that apparently has not done to clarify the issue for many. We will try to do it ourselves:

What has happened so far?

On April 20 the entire PSN community received a maintenance message when attempting to connect to online gaming platform. Thinking it was a minor effect, turned off their consoles and tried again hours later without any difference. Did not yet know, but Sony had proceeded to unplug your network to detect a remote attack uncertain consequences.

The intrusion occurred between 17 and 19 April, detected the same day 20. After the blackout was decided to hire an expert firm to assess security attack, uncovered at its head and got to seal the breach. The findings were disappointing: it was a highly sophisticated maneuver carried out by someone who knew what he was doing, a hacker who of course had no qualms to hide their tracks.

April 24: while users were pissed (still worried) by the falling of the service, Sony resorted to two additional companies that ended up confirming their worst suspicions. The attackers had personal information of users, data that Japan's giant servers guarded in San Diego.

Two days later, on April 26, Sony decided to release the stolen names and addresses (physical and email addresses) date of birth, user names and passwords Qriocity PlayStation Network and were in possession of the assailants. The most tricky no doubt that he could not categorically deny the theft of bank card numbers, recommending the comprehensive monitoring of bank statements.

Sony reassured saying the verification code cards had been stolen and asked for forgiveness strongly through mass electronic messaging to 10 million accounts were registered assume bank details.

Several communities of hackers were quick to falsely attributed the attacks to sow unrest possessing confirm the bank details of more than 2.2 million accounts. Internet came to circulate a list with plenty of personal information that showed little intrusion unconnected.

General media (the specialized had many days to the minute) began to echo the news and stock exchange shares of Sony ostensibly resented the lack of information and the delay with which it was made public. Political classes across the globe joined the protest, initiating investigations and predicting overt fines if they were found some kind of irregularity.

Given this climate of pressure, Sony decides to offer a second wave briefing on Sunday, and in the context of a tense press conference, the kind you attend without knowing exactly as it is extended. There is finalized much of the information we have provided, we learned that the FBI was investigating the matter and were implemented measures and compensation. Also denied any involvement of the activist group Anonymous , which initially was believed responsible for attacks after several of the type previously orchestrated DDoS which then end up regretting the distress caused to users.

In the financial arena, many companies have estimated compensation of up to 1,500 million dollars, reading also up to 24,000 million in terms of analytical work carried out. Class action lawsuits have already begun in fact, being Kristopher Johns of Birmingham (Alabama) was the first company to bring a counter that has failed to "protect, encrypt and ensure data privacy of its users."

But back to the press conference, in this data were released as the number of accounts affected by country (Spain totaling almost 3 million) and the method by which the intrusion took place . Mean for a moment to our colleague Fabián Joystiq , which explains the chart published by Sony in this regard:

When connecting the console to interact with a server network that listens to our requests and responds to them through HTTP protocol. Basically the same as when we surf the Internet only in that case that speaks to the web server is your browser. The application server takes the requirements that are made to the web server and run the code needed to return to the last messages that must return to the user. These requirements can, in fact 99 percent of the time so - need to consult or write data to the database. For that is precisely the database server. That is not nothing but a repository of information, allowing the network to run and store applications and data users.

Between each of these teams is a firewall components that have the function do not allow other transactions between servers beyond those permitted. As shown in the figure, the hackers have somehow violated the firewall between the web server and application server and exploiting a vulnerability in the same put in place a tool that extracted the data directly from the database and published to the web.

Right now Sony is working to restore Playstation Network, is expected back this week on a limited basis, although completely restructured and enhanced long-term.

Sony's response

What happened between 24 and 26 April? Why when he is aware of the seriousness of the intrusion, Sony did not alert their users. Why wait until April 26 to recognize the mess that was. These are questions we all have had enough and have accused the company in recent days has opted for a completely transparent attitude. We will have to hold on to the better late than never ...

Sony's first action once investigated the attack was to begin a process of restructuring forced on PSN has completely changed the infrastructure of the platform, which could return with new features such as voice and video chat ingame.

Second proceeded to transfer your data center (already have located in San Diego) by a highly secret location equipped with the most advanced security measures and systems.

PSN Once again, all users will have to install a software update that will force them to change the password of your accounts.

Further aware that asking forgiveness is not going nowhere, the company is studying cover expenses that may involve users to cancel their credit cards, something that could perish as a mere possibility, given the enormous expenditure that would entail. Also provide what has been called "Welcome Back" or welcome pack, which in addition to some free content, each user will receive a month's subscription to Playstation Plus, exclusive section of Playstation Store from which to acquire content discounts or access to them in advance.

The latter measure has been met with some reluctance on the part of the community, which means the compensation almost as a joke. Playstation Plus has never been especially valued and they can be encouraged at the expense of premium subscriptions such an attack seems almost a lack of respect.

Finally, as part of measures aimed at something like this does not happen again, Sony has pledged to work with all platforms towards preserving online privacy and security, perhaps by promoting an organization that is responsible for ensuring the same. Everyone in the company now expect the ongoing investigation of the culprit and finish with remaining chiaroscuro.

Recommendations

Finally we want to remember what should be done all user affected by the intrusion. First change the password for all services (especially mail clients) who shared with Playstation Network or those that are in some way related to the stolen data (date of birth, full name ...).

The next step is, if you had the credit card associated with PSN, proceed to shoot it down immediately. It is true that Sony has recommended monitor bank statements regularly, but there is no guarantee that a look at another has not been any unwanted charge. Suspended card number, solved the problem. In many cases your bank will consent to the process without charge. Another option, a move seen fraudulent, is to ask your body to prevent future similar positions.

Regarding the possibility of taking the legal route against Sony, either by the fragility of the system, either through negligence communicative objective is deprecated. It is true that there are class actions but hardly come to fruition, so the owners probably end up losing money rather than being compensated. Remember the fact that Sony is excused from any liability, according to the terms and conditions of PSN that we all accept in their day without reading even, as we always do.

To others, just be patient. Better to wait and let Sony do their job, they can rush back to interfere in such a nasty situation.

PlayStation Network Intrusion: everything you need to know written ALT1040 on 3 May, 2011 by José Carlos Castillo
Send to Twitter | Share on Facebook