PlayStation Network hack launched from Amazon EC2
The hackers who breached the security of Sony's PlayStation Network and gained access to sensitive data for 77 million subscribers used Amazon's web services cloud to launch the attack, Bloomberg News reported. The attackers rented a server from Amazon's EC2 service and penetrated the popular network from there, the news outlet …
Is this why Sony has kept so quiet about the attacks - apart from trying to blame it on this week's 'Enemy of the West(tm)'.
Thier silence raises more questions about the amout of data nicked and the depth of penetration
(oooh, err, missus). It also makes them look really shifty. Whatever hapened to world domination, Sony?
Cloud computing at its best, used to demonstrate how shite the root-kit pirates really are.
And the number of systems that have to be analyzed to determine the full extent of the attack. It is far from a simple task to know for sure if a system has had malware installed on it. And if data wasn't accessed through normal channels there may not be any logs of exactly what was grabbed.
... for stolen credit card info I suppose. What I have been wondering is how they pay for those.
has its cloud
The one with the sow's ear in the pocket, thanks.
I find it hugely ironic that today's register is plastered with cloud adverts upon loading this story :o)
Can't fault the hackers with using the tools with the most bang per buck. Much more cost effective than buying or building your own cluster and probably cheaper than renting a botnet.
it is the same thing that most zombie hunters use a gunn and moore. Nothings says thwack like a gunn and moore.
I have attack logs across my clients and in a high % of these the IP knocks on the door of a server somewhere.
Try RDPing into 195.88.202.193, this is the latest attack IP.
I don't bother emailing 'abuse@' or getting in touch with the host as its a waste of time.
So, this occurred before the PSN takedown, and on...what was it, the 21st? Sony take PSN down themselves, and meanwhile Amazon's cloud services vanish. It takes Sony a week to fess up that they'd been hacked, and that - yes, they took PSN down voluntarily. At this point, Amazon is putting the pieces back together, 'some data lost irretrievably...?
Anyone here *really* believe in coincidence?
Smells like the work of Oponn.
" It takes Sony a week to fess up that they'd been hacked"
No, they told us after about 2 days, they only told us the FULL details of what was taken after they has taken server snapshots and does forensic analysis...
Sadly, such facts fall on purposefully deaf ears here, as elsewhere.
Did they find a notepad saying "Anonymous, we are legion" on the server? Lol...
Could be wrong, but this makes it sound less like Anons work.
Anonymous would have filled all the servers with Gay porn, fetish anime and memes. Subtlety is not their strong suit.
cool. so i put up a server, annoy anonymous in some way and all the good stuff
gets given to me without any searching or effort on my part? teh 4wes0m3, TFW! ;-)
"In both cases, those tapping the Amazon cloud did so as paid customers"
Nice! Where do I sign up to be paid to use these services?
well, yes, sony has said when it will reopen. full functionality by the end of the month with some things working before then.
I have sites that are under random attack from Rackspace hosted sites, among others.
Time to add to the internet security playbook. If you run any kind of customer facing network, It's time that your firewalls and monitoring systems had rules for Cloud Computing sources. In fact I'd completely block their addresses on the firewalls and filters, set rules in the firewalls, filters and monitoring systems to check incoming packets for anything suggesting the packet claim from a cloud source, and once again block, quarantine and/or isolate such packets.
Last night PS firmware update 3.61 was published, along with a blog post telling us (what we already knew) that we will be required to change our PSN password when we first sign on to PSN after installing this update.
'twas a false dawn however... after applying the update I still couldn't sign-in to PSN ("down for maintenance") but it looks like things are starting to stir back to life.
YAY!
I think the term is clown computing rather than cloud.
Shove all your data on remote severs run by clowns with their head in the clouds when it comes to security.
I see what you did there. Hilarious. Do you write your own material? 'Cos that was priceless.
You know, with this level of wit and incisive analysis of recent trends in technology, I'm surprised the Reg haven't already offered you a permanent position. The world really, truly needs more input from you.
Well done!
</sarcasm>
Nope, not the work of Anonymous. Not their style. Filling it up with gay porn (like the defacement of the Taliban entry on Wikipedia last night), dragons f**king cars and pictures of pedobear maybe, but not hacking for monetary profit.
This is not the first time amazon or other rented servers have been used to exploit something. It happens more often than you think.
It used to be the case that if you sold someone military grade encryption (DES) you had to do checks into who they were and verify them, and even have them obtain a license from the DoD. Considering that Amazon is selling what amounts to supercomputing for hire, one has to wonder why they are not required by law to more carefully check their clients. The same would be true of any cloud vendor offering cloud computing services. I mean, in this case they're saying that the people who did this used fake information and stolen card numbers. I don't know, but it sure seems like those are things that should have prevented the account from being opened in the first place.
