PlayStation Network hack launched from Amazon EC2
The hackers who breached the security of Sony's PlayStation Network and gained access to sensitive data for 77 million subscribers used Amazon's web services cloud to launch the attack, Bloomberg News reported. The attackers rented a server from Amazon's EC2 service and penetrated the popular network from there, the news outlet …
umm, can't think of a title
Is this why Sony has kept so quiet about the attacks - apart from trying to blame it on this week's 'Enemy of the West(tm)'.
Their silence raises more questions about the amount of data nicked and the depth of penetration (oooh, err, missus). It also makes them look really shifty. Whatever happened to world domination, Sony?
Cloud computing at its best, used to demonstrate how shite the root-kit pirates really are.
Analysis
And the number of systems that have to be analyzed to determine the full extent of the attack. It is far from a simple task to know for sure if a system has had malware installed on it. And if data wasn't accessed through normal channels there may not be any logs of exactly what was grabbed.
That would be one use
... for stolen credit card info I suppose. What I have been wondering is how they pay for those.
Every silver lining
has its cloud
The one with the sow's ear in the pocket, thanks.
Irony?
I find it hugely ironic that today's register is plastered with cloud adverts upon loading this story :o)
Not really a surprise
Can't fault the hackers with using the tools with the most bang per buck. Much more cost effective than buying or building your own cluster and probably cheaper than renting a botnet.
indeed
it is the same thing that most zombie hunters use a gunn and moore. Nothing says thwack like a gunn and moore.
not uncommon
I have attack logs across my clients and in a high % of these the IP knocks on the door of a server somewhere.
Try RDPing into 195.88.202.193, this is the latest attack IP.
I don't bother emailing 'abuse@' or getting in touch with the host as it's a waste of time.
What a tangled web we live on
So, this occurred before the PSN takedown, and on...what was it, the 21st? Sony take PSN down themselves, and meanwhile Amazon's cloud services vanish. It takes Sony a week to fess up that they'd been hacked, and that - yes, they took PSN down voluntarily. At this point, Amazon is putting the pieces back together, 'some data lost irretrievably...?
Anyone here *really* believe in coincidence?
Smells like the work of Oponn.
errm
" It takes Sony a week to fess up that they'd been hacked"
No, they told us after about 2 days, they only told us the FULL details of what was taken after they had taken server snapshots and done forensic analysis...
@CA
Sadly, such facts fall on purposefully deaf ears here, as elsewhere.
HHmmmmm...
Did they find a notepad saying "Anonymous, we are legion" on the server? Lol...
Could be wrong, but this makes it sound less like Anon's work.
Of course
Anonymous would have filled all the servers with Gay porn, fetish anime and memes. Subtlety is not their strong suit.
nice!
cool. so i put up a server, annoy anonymous in some way and all the good stuff gets given to me without any searching or effort on my part? teh 4wes0m3, TFW! ;-)
Nice work if you can get it
"In both cases, those tapping the Amazon cloud did so as paid customers"
Nice! Where do I sign up to be paid to use these services?
do your research!
well, yes, sony has said when it will reopen. full functionality by the end of the month with some things working before then.
not just AWS
I have sites that are under random attack from Rackspace hosted sites, among others.
Indeed, looks like security will need a new play....
Time to add to the internet security playbook. If you run any kind of customer facing network, it's time that your firewalls and monitoring systems had rules for Cloud Computing sources. In fact I'd completely block their addresses on the firewalls and filters, set rules in the firewalls, filters and monitoring systems to check incoming packets for anything suggesting the packet came from a cloud source, and once again block, quarantine and/or isolate such packets.
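The monitoring half of the suggestion above, as an added example that is not part of the original comment thread: it reads a range list in the layout of AWS's published ip-ranges.json, keeps the EC2 prefixes, and tags failed-login sources that fall inside them. The range data, log lines and function names are constructed for illustration and use documentation address ranges only.

```python
import ipaddress
import json
import re
from collections import Counter

# Constructed sample in the layout of AWS's published ip-ranges.json; the
# prefixes are RFC 5737 / RFC 3849 documentation ranges, not real AWS ranges.
SAMPLE_RANGES = json.loads("""
{"prefixes": [
   {"ip_prefix": "198.51.100.0/24", "region": "us-east-1", "service": "EC2"},
   {"ip_prefix": "203.0.113.0/25",  "region": "eu-west-1", "service": "EC2"},
   {"ip_prefix": "192.0.2.0/24",    "region": "us-east-1", "service": "S3"}],
 "ipv6_prefixes": [
   {"ipv6_prefix": "2001:db8:100::/40", "region": "us-east-1", "service": "EC2"}]}
""")

# Constructed sshd-style log lines using documentation addresses.
SAMPLE_LOG = """\
May 14 03:11:02 web1 sshd[811]: Failed password for root from 198.51.100.23 port 4122 ssh2
May 14 03:11:04 web1 sshd[811]: Failed password for root from 198.51.100.23 port 4130 ssh2
May 14 03:12:40 web1 sshd[902]: Failed password for admin from 203.0.113.200 port 5511 ssh2
May 14 03:13:09 web1 sshd[915]: Failed password for admin from 2001:db8:1ff::7 port 6001 ssh2
May 14 03:13:30 web1 sshd[917]: Failed password for bob from 192.0.2.9 port 6100 ssh2
"""

def load_networks(doc, service="EC2"):
    """Return [(network, region)] for one service, covering IPv4 and IPv6."""
    nets = []
    for key, field in (("prefixes", "ip_prefix"), ("ipv6_prefixes", "ipv6_prefix")):
        for entry in doc.get(key, []):
            if entry.get("service") == service:
                nets.append((ipaddress.ip_network(entry[field]), entry["region"]))
    return nets

def tag_sources(log_text, nets):
    """Count failed logins per (source IP, region) inside a listed range."""
    hits = Counter()
    for line in log_text.splitlines():
        m = re.search(r"Failed password for .+ from (\S+) port", line)
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # malformed address field, skip rather than crash
        for net, region in nets:
            if ip.version == net.version and ip in net:
                hits[(str(ip), region)] += 1
                break
    return hits
```

The same `(network, region)` list can feed a firewall deny list or an alert rule; which of the two is appropriate depends on whether legitimate customers or partners also connect from those ranges.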
Signs of life on PSN...
Last night PS firmware update 3.61 was published, along with a blog post telling us (what we already knew) that we will be required to change our PSN password when we first sign on to PSN after installing this update.
'twas a false dawn however... after applying the update I still couldn't sign-in to PSN ("down for maintenance") but it looks like things are starting to stir back to life.
YAY!
Cloud computing
I think the term is clown computing rather than cloud.
Shove all your data on remote servers run by clowns with their head in the clouds when it comes to security.
Aha ha ha.
I see what you did there. Hilarious. Do you write your own material? 'Cos that was priceless.
You know, with this level of wit and incisive analysis of recent trends in technology, I'm surprised the Reg haven't already offered you a permanent position. The world really, truly needs more input from you.
Well done!
</sarcasm>
Anonymous
Nope, not the work of Anonymous. Not their style. Filling it up with gay porn (like the defacement of the Taliban entry on Wikipedia last night), dragons f**king cars and pictures of pedobear maybe, but not hacking for monetary profit.
Not the first time
This is not the first time Amazon or other rented servers have been used to exploit something. It happens more often than you think.
If you sell someone a gun, you have to verify who they are....
It used to be the case that if you sold someone military grade encryption (DES) you had to do checks into who they were and verify them, and even have them obtain a license from the DoD. Considering that Amazon is selling what amounts to supercomputing for hire, one has to wonder why they are not required by law to more carefully check their clients. The same would be true of any cloud vendor offering cloud computing services. I mean, in this case they're saying that the people who did this used fake information and stolen card numbers. I don't know, but it sure seems like those are things that should have prevented the account from being opened in the first place.
