Just days after Sony Pictures Entertainment agreed to show “The Interview” in theaters and online – going against the demands of hackers who breached the studio’s networks in November – Sony suffered yet another cyberattack, this time targeting its PlayStation Network.
The most recent attack, which began on Christmas Day, knocked the gaming network offline and prevented millions of users from accessing the system. The timing of the hack was especially harmful for Sony because many users returned PlayStation games they had gotten for the holiday assuming they weren’t working correctly.
“There’s been a bunch of people coming in saying their systems are broken when in reality it’s just that the networks are down,” said Game Stop manager Nelson Vasquez.
Despite the fact that the PlayStation attack followed the defiant release of “The Interview”, the two hacks don’t seem to be related. The most recent intrusion appears to have been perpetrated by a cybercriminal group known as the Lizard Squad, who also took responsibility for causing outages to the networks of Microsoft’s Xbox Live. Combined, both networks have approximately 160 million users around the world. While Microsoft was able to restore service to Xbox Live in just over a day, Sony’s network remained offline for four days.
Hackers utilized DDoS attacks to disrupt service
Cybersecurity analysts who investigated the disruptions said they seem to have been caused by distributed denial of service attacks. The DDoS technique works by having hackers overwhelm a targeted site with massive amounts of traffic until the network crashes. While frustrating for users and bad for business, the hack does not appear to have compromised any user information.
“DDoS is a very serious and frustrating problem because it’s so easy to launch these attacks,” said security researcher Brian Krebs. “In every case we’ve seen in the past, they’re a bunch of teenagers who live in their parents’ basements. These attacks are not sophisticated, and they let the kids who launch them feel like gods.”
Lizard Squad took responsibility for a number of other attacks against PlayStation Network, including one that occurred earlier in December and another in August. It is unclear if the group is also behind the breach of the gaming network Sony experienced back in 2011 in which personal data from nearly 80 million users was exposed.
Large scale attacks against enterprise networks are only going to become more common in the future, so it’s important that organizations implement a reliable defense strategy to protect against any possible threats they may be facing. Utilizing a layered security approach is one of the best ways to ensure that all endpoints are protected and a variety of attack methods can be defended against.