Tuesday, May 24, 2011
Maintenance, New Attacks Disrupt Sony Networks
Sony's networks were again disrupted by maintenance and new break-ins in Greece and Japan. During maintenance for the PlayStation Network and other sites, registration and password resets were inaccessible. Meanwhile, hackers obtained user databases from Sony in Greece and Japan, and a phishing attack was based on Sony's Thailand servers.
Up, down ... up, down. Sony's networks, which have been slowly coming back online, had account management shut down Tuesday as a result of system maintenance. And there are reports of new break-ins at Sony online properties in Greece and Japan.
The scheduled maintenance was to last until about 5 p.m. Pacific time. The company said that, during this time, "registration and account management will be inaccessible, including the password-reset process." It added that some users "may experience difficulty signing in" to the PlayStation Network, but the majority would be able to play online and sign in to external sites that require PSN authentication.
Sony is requiring users to reset their passwords after weeks of outages for its networks. At first, the surge of users doing so brought the network Relevant Products/Services to its virtual Relevant Products/Services knees, and then the company had to deal with an apparent security Relevant Products/Services vulnerability relating to password resetting.
That security hole enabled anyone with the date of birth and e-mail address of the account holder to reset the password. Birth dates and e-mail addresses of up to a hundred million users were among the unencrypted data Relevant Products/Services that Sony believes may have been taken during the initial outage Relevant Products/Services beginning April 20.
After the ID breach, the company was criticized by industry observers and some members of Congress for not quickly revealing that users' personal data might have been taken. The initial breach was noticed by Sony on April 19, the PlayStation Network was shut down on April 20, and users were notified of the data breach and possible loss of personal information on April 26.
Sony executive Kazuo Hirai recently said "aggressive actions" are being taken to address the vulnerabilities that led to the unprecedented outage. The actions, he said, include advanced security technology Relevant Products/Services, increased levels of encryption, additional firewalls, and early warning systems.
Sony Sites in Greece, Japan
But some Sony watchers have recently contended that the company's networks did not use the most recent versions of key software Relevant Products/Services before the initial break-ins.
Hackers who may have been involved in the original break-in posted server logs that indicate the company used version 4.4 of OpenSSH, instead of the most recent 5.7. Additionally, Sony apparently used an older version of Apache server software.
The company also announced, contrary to reports throughout the past week, that its PlayStation Store would not go back online Tuesday. It said it is targeting restoration of the store Relevant Products/Services by the end of this month.
On Sunday, there were reports that the Sony BMG site in Greece had been attacked. An anonymous hacker posted online a database of usernames, real names, and passwords that were allegedly from users on the site.
On Monday, the hacker group Lulz Security is believed to have obtained user databases from Sony's music site in Japan. The hackers reportedly left a message chiding Sony for its lack of security and unprotected databases.
Meanwhile, a phishing attack that targeted an Italian credit-card company was discovered to have been based on servers for Sony's Thailand site.