What Can Your Security Team Learn From The Take Down Of The Playstation Network?

No matter how big the corporation is and how much they have invested in the security of their network, one little mistake in the system is all that it takes. This is a lesson that big networks have to face at some point in time and just recently Sony has seen it in play firsthand. In this article I will take a look at the take down of the Sony Playstation network and what could have been done to prevent it. I will also take a look at what to do when the inevitable does happen.

[Image: Sony Playstation network hacked. Picture courtesy of my daughter :)]

The background of the story

The main point of this article is what happened to the Playstation network owned by Sony. Some of you might not know what this is if you are not an avid video game player so I will attempt to fill in some of the background story before I continue. I will then go into the lapse in security measures.

For the last ten years gaming online has been a pretty popular thing to do. With their latest incarnation of the Playstation video game system, Sony decided that they were going to let their players play online as well. But while their competitor, XBox, has a closed system, the Sony online Playstation experience is free and it allows anyone to play. But because it is a bit more open than the XBox version, it is not as seamless an experience.

Recently, there was an attack on the Playstation network which shut it down completely. Players who had bought games just so that they could play online were not able to get on the network. It took a long time for them to be able to get the system back up. This means that the rogue black hat hacker was able to do a lot of damage on the system. If the damage had not been severe, the network would have been down for only a matter of hours. How could a company like Sony allow this to happen to one of their server farms?

How it happened

While we do not know all of the details of the attack, we know enough that it is hard to imagine how all of this damage could have been done to a major system like this. First of all, you would think that a company the size of Sony and their Playstation division would have adequate backups of their network. Having backups of your system means that even though your system might be damaged, you can just restore the day-old backup and it will still be operational. Apparently they did not have a setup like this. They may have had a few backups on their system but apparently not enough, or their whole system would not be down.

Also, it has been reported that the bad guys were able to get secret passwords that allowed them to take control of the entire network. Most networks of a large size have segments, and only certain people are allowed to have access to each segment. The only person who would have access to all of the segments would be someone with a very high rank in the Sony networking team. This again is another security foul-up that could have been avoided. If a person is able to get the security credentials to access your whole network, then you know that there have to be serious changes made. Most attacks lead off with someone getting the security credentials from a low-level employee. It sounds like that did not happen in this case. They were able to get security clearances for the whole network, meaning that they were able to get the credentials from someone in a high-ranking position.

What should your company learn from an event like this?

There are a number of things that can be learned from this event. First of all, do not make the hacker community mad if at all possible. Some people feel that this event was triggered by the fact that Sony sued a hacker named GeoHot for hacking parts of the Playstation and then releasing the information publicly. That is of course speculation, but it sounds very reasonable.

Another thing that your company can learn is to make sure that you have outside consultants come in and run a check on your network. I am sure that Sony had some of the best people in the business guarding their network but sometimes you need a fresh pair of eyes to see the security holes.

And the last thing that your company should learn is to make sure that you have a proper security clearance policy set up. While we do not know the exact details of Sony’s security clearance policy, the fact of the matter is that it did not work. The bad guys were able to gain full access to the entire network. They were able to do enough damage that it took two weeks to get it back online.

And that's not even touching on the not so small issue of some 100 million+ users maybe having their personal information stolen. Whoops!

Just as you can learn from victory, you can learn from failure as well. Take a look at what Sony did wrong to help your company in the long run.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.
