F#*king Lizard Squad

[Stranger]

Here's a youtube of the interview:

I can't pretend to know what is really going on here, and who's agenda's are being served (it does seem like this is a coordinated attack on Sony), but these kid's being interviewed have a valid point, which is... isn't it the company's responsibility for designing, distributing and selling a product that is reasonably safe from hacker attack. And, if attacked, can recover from said attack in a reasonable period of time.

Is it really true that it took Sony more than 14hrs to get their DNS servers back online? If that's the case, that's ridiculous for a global multi-national corporation. I'd fire our tech staff if our DNS servers were down that long.

 

[fearsomefour]

I can't pretend to know what is really going on here, and who's agenda's are being served (it does seem like this is a coordinated attack on Sony), but these kid's being interviewed have a valid point, which is... isn't it the company's responsibility for designing, distributing and selling a product that is reasonably safe from hacker attack. And, if attacked, can recover from said attack in a reasonable period of time.

Is it really true that it took Sony more than 14hrs to get their DNS servers back online? If that's the case, that's ridiculous for a global multi-national corporation. I'd fire our tech staff if our DNS servers were down that long.

Someone came into my house and stole some stuff about a year and a half ago. Turns out I left the front door unlocked when I went to work.
That was clearly a foolish oversight on my part....but, that does not make me responsible for them stealing my stuff.
Same thing applies here.

 

[Stranger]

Someone came into my house and stole some stuff about a year and a half ago. Turns out I left the front door unlocked when I went to work.
That was clearly a foolish oversight on my part....but, that does not make me responsible for them stealing my stuff.
Same thing applies here.

I think your analogy needs the following alteration.

Let's say that you locked your door last yr instead of forgetting to lock it. The lock manufacturer produced a defective lock, which allows someone with a different key to open it. While at work, someone uses one of these alternate keys to enter your house, alter your TV set so it won't turn to the right station for 14hrs, and then leaves. They didn't steal anything.

Now, isn't the lock mfg culpable here? Especially when the mfg charged premium prices for its lock, and provided no indication at all as to the potential lock vulnerability?

Bottom line, Sony should not be in the proprietary network business if it can't secure its own network, or if it is too cheap to do it. Furthermore, these breaches are preventable. How do feel knowing that Sony could have prevented these attacks, but chose not to budget for these steps?

 

[Boffo97]

From everything I've heard, these are DDOS attacks, which work by overloading networks. There's only so much that can be done to prevent them as it would be like trying to design a road so wide that no number of people could ever block it. And Sony and Xbox get a lot of them because attacks on them get media mention.

 

[Stranger]

From everything I've heard, these are DDOS attacks, which work by overloading networks. There's only so much that can be done to prevent them as it would be like trying to design a road so wide that no number of people could ever block it. And Sony and Xbox get a lot of them because attacks on them get media mention.

Encrypt the server volumes. That will prevent a breach in integrity upon ddos reboot.

 

[Boffo97]

Encrypt the server volumes. That will prevent a breach in integrity upon ddos reboot.

I admit I'm not an expert in this field so I could be missing something, but I don't think this will help. These are servers that are meant to be publicly accessed by game players, so the issue isn't just keeping the DDOS attackers out, but letting the legitimate consumers in.

 

[bluecoconuts]

There's not really much you can do about preventing the DDOS attacks, part of the problem is Sony never really does much about it. They get attacked a lot, partly due to the fact they have pissed off hacker groups in the past, and thus are a favorite target, and partly because they make it easy. You think they would put some money into this, but they just don't, so they're a very easy target. Its almost like a bank that keeps being robbed just continues to keep its money out and essentially unguarded. They're also slow to react, which is why the downtime is worse than Microsoft.

Its funny, Microsoft has done some od the same things that drew the attention of hackers to Sony, but they haven't been targeted nearly as much. Part because they put more focus on their system and security, as well as respond quicker, but mostly because they're not the punching bag that Sony has been.

These attacks aren't really designed to send a message though, they claim they are, but it's about being jackasses and inflicting punishment. Sony could end world hunger and they would still get attacked. Easy target.

 

[Stranger]

I admit I'm not an expert in this field so I could be missing something, but I don't think this will help. These are servers that are meant to be publicly accessed by game players, so the issue isn't just keeping the DDOS attackers out, but letting the legitimate consumers in.

You can't necessarily prevent a DDOS attack leading to a server reboot. But what you can do is encrypt your drives such that when the server comes back online you can't compromise it any further until you decrypt the encrypted volumes. This volume decryption requires some level of user challenge, which only your top level sysadmins have access to.

What this means is that a DDOS attack can take a server down. But it can't restore it in a compromised state. It's then up to the sysadmins to decide whether they bring the box back up, or restore it to its default configuration before bringing back up, or taking off-line permanently.

Bottom line - Sony can solve this problem permanently. But they haven't. That's on Sony, not on some kid hackers (if that's the story we're going to believe)

 

[fearsomefour]

I think your analogy needs the following alteration.

Let's say that you locked your door last yr instead of forgetting to lock it. The lock manufacturer produced a defective lock, which allows someone with a different key to open it. While at work, someone uses one of these alternate keys to enter your house, alter your TV set so it won't turn to the right station for 14hrs, and then leaves. They didn't steal anything.

Now, isn't the lock mfg culpable here? Especially when the mfg charged premium prices for its lock, and provided no indication at all as to the potential lock vulnerability?

Bottom line, Sony should not be in the proprietary network business if it can't secure its own network, or if it is too cheap to do it. Furthermore, these breaches are preventable. How do feel knowing that Sony could have prevented these attacks, but chose not to budget for these steps?

Well said.

 

[Boffo97]

You can't necessarily prevent a DDOS attack leading to a server reboot. But what you can do is encrypt your drives such that when the server comes back online you can't compromise it any further until you decrypt the encrypted volumes. This volume decryption requires some level of user challenge, which only your top level sysadmins have access to.

What this means is that a DDOS attack can take a server down. But it can't restore it in a compromised state. It's then up to the sysadmins to decide whether they bring the box back up, or restore it to its default configuration before bringing back up, or taking off-line permanently.

Bottom line - Sony can solve this problem permanently. But they haven't. That's on Sony, not on some kid hackers (if that's the story we're going to believe)

But I still don't think that works because you're only addressing the problem of keeping the hackers out... not letting the millions of people who are using the network for its intended purpose back in.

 

[Stranger]

But I still don't think that works because you're only addressing the problem of keeping the hackers out... not letting the millions of people who are using the network for its intended purpose back in.

So, you setup a global grid of cheap servers, like Amazon & Google have. All are identical, can be easily, cheaply & quickly swapped out of the network. As hackers compromise a server, you remove it from the network until it can be validated and re-inserted into use.

So, you're right, Sony can't protect each individual server. Servers can be attacked and taken out of services. They can't be compromised in this model. So, what it can do is create a global grid that is robust and can withstand hacker attack while not compromising the data or denying service to it's high-paying customers.

This has all been done before. Unfortunately, it seems we have to weather this mistake everytime someone gets too big too quickly, as we've seen Facebook and other fast emerging companies experience this kind of mistake. But to watch major multi-nationals like Sony & Target experience this is beyond ridiculous. This hyper-inflated ego's of these company execs should be sent packing immediately, for they haven't a clue what they are doing. Amy Pascal rose from an admin to CEO for gods sake, she hasn't a clue.

 

[Boffo97]

So, you setup a global grid of cheap servers, like Amazon & Google have. All are identical, can be easily, cheaply & quickly swapped out of the network. As hackers compromise a server, you remove it from the network until it can be validated and re-inserted into use.

I'm pretty sure Sony HAS done that. The problem is that with this kind of attack, it's pretty easy to switch the target to another server. This isn't a HACK after all, this is an OVERLOAD.

Sony (and Microsoft) just gets these attacks at times because they are so visible and will result in certain media attention, but Google gets them too.

 

[Stranger]

I'm pretty sure Sony HAS done that. The problem is that with this kind of attack, it's pretty easy to switch the target to another server. This isn't a HACK after all, this is an OVERLOAD.

Sony (and Microsoft) just gets these attacks at times because they are so visible and will result in certain media attention, but Google gets them too.

If they had done that, then there is no way, no way, anyone gets their hands on Sony data (except for perhaps the DIA, NSA, or CIA). Also, there is no way someone can take an entire network down if is properly distributed.

Google & Amazon are the subject of an unknown quantity of hacks. But you don't hear them going down.

 

[Boffo97]

If they had done that, then there is no way, no way, anyone gets their hands on Sony data (except for perhaps the DIA, NSA, or CIA). Also, there is no way someone can take an entire network down if is properly distributed.

Google & Amazon are the subject of an unknown quantity of hacks. But you don't hear them going down.

The problem being discussed here isn't about DATA. It's about the servers being overloaded to deny service to legitimate customers. And like I said, you can't design a road so wide that no amount of people could ever block it.

As far as data protection goes, I agree with you that a lot of major companies need to do more.

 

[Mackeyser]

Well, there are really two issues here. Script kiddies can generate DDOS attacks. They are not difficult to create and can be done with rudimentary scripting knowledge. What's sad is that Sony, unlike other companies, hasn't done what they need to do in order to minimize or even mitigate their exposure.



Sony was also hacked (I'm beginning to seriously doubt that the North Koreans had anything to do with it based on substantive evidence coming to light) and the hackers took real data including social security numbers of employees. Sony had actually been sued several times expressly due to their inability to secure employee data. One former IT staffer called their security "a joke".



Now... Script kiddies are not hackers any more than I'm a novelist because I write long posts. It turns out Sony was victimized by both.



Now, the DDOS attacks aren't entirely preventable, but that's not to say that Sony did everything that they should have done, either. They didn't, a point reinforced when they were hacked.



If Sony doesn't want to be in the private network business, farm it out to akamai or go or Level 3. There is no excuse for exposing employees to potentially personal and financial danger as well as offering a substandard product