No matter how big the corporation is and how much it has invested in the security of its network, one little mistake in the system is all that it takes. This is a lesson that big networks have to face at some point, and just recently Sony has seen it in play firsthand. In this article I will take a look at the takedown of the Sony PlayStation network and what could have been done to prevent it. I will also take a look at what to do when the inevitable does happen.
The background of the story
The main point of this article is what happened to the PlayStation network owned by Sony. Some of you might not know what this is if you are not an avid video game player, so I will attempt to fill in some of the background story before I continue. I will then go into the lapse in security measures.
For the last ten years, gaming online has been a pretty popular thing to do. With the latest incarnation of the PlayStation video game system, Sony decided to let its players play online as well. But while its competitor, Xbox, has a closed system, the Sony online PlayStation experience is free and allows anyone to play. Because it is a bit more open than the Xbox version, it is not as seamless an experience.
Recently, there was an attack on the PlayStation network which shut it down completely. Players who had bought games just so that they could play online were not able to get on the network. It took a long time to get the system back up. This means that the rogue black hat hacker was able to do a lot of damage to the system. Had the damage not been severe, the network would have been down for only a matter of hours. How could a company like Sony allow this to happen to one of its server farms?
How it happened
While we do not know all of the details of the attack, we know enough that it is hard to imagine how all of this damage could have been done to a major system like this. First of all, you would think that a company the size of Sony and its PlayStation division would have adequate backups of its network. Having backups of your system means that even though your system might be damaged, you can just restore the day-old backup and it will still be operational. Apparently they did not have a setup like this. They may have had a few backups of their system, but apparently not enough, or their whole system would not be down.
It has also been reported that the bad guys were able to get secret passwords that allowed them to take control of the entire network. Most large networks are divided into segments, and only certain people are allowed to have access to each segment. The only people who would have access to all of the segments are those who hold a very high rank on the Sony networking team. This again is another security foul-up that could have been avoided. If a person is able to get the security credentials to access your whole network, then you know that serious changes have to be made. Most attacks start with someone getting the security credentials of a low-level employee. It sounds like that did not happen in this case. The attackers were able to get security clearances for the whole network, meaning that they were able to get the credentials from someone in a high-ranking position.
What should your company learn from an event like this?
There are a number of things that can be learned from this event. First of all, do not make the hacker community mad if at all possible. Some people feel that this event was triggered by the fact that Sony sued a hacker named GeoHot for hacking parts of the PlayStation and then releasing the information publicly. That is of course speculation, but it sounds very reasonable.
Another thing that your company can learn is to make sure that you have outside consultants come in and run a check on your network. I am sure that Sony had some of the best people in the business guarding their network but sometimes you need a fresh pair of eyes to see the security holes.
And the last thing that your company should learn is to make sure that you have a proper security clearance policy in place. While we do not know the exact details of Sony’s security clearance policy, the fact of the matter is that it did not work. The bad guys were able to gain full access to the entire network. They were able to do enough damage that it took two weeks to get it back online.
And that's not even touching on the not-so-small issue of some 100 million-plus users maybe having their personal information stolen. Whoops!
Just as you can learn from victory, you can learn from failure as well. Take a look at what Sony did wrong to help your company in the long run.