Sony PlayStation Network hack follow up

Posted by spaquet on May 14, 2011  |   Comments Off

Bloomberg News reported that the hackers who breached the security of Sony’s PlayStation network and gained access to sensitive data for 77 million subscribers used Amazon’s web services cloud to launch the attack.

The attackers rented a sever from Amazon’s EC2 service and penetrated the popular network from there, the news outlet said, citing an unnamed person with knowledge of the matter. The hackers supplied fake information to Amazon. to open a valid account (now closed).

Is Amazon cloud a hacker nest ?

German security researcher Thomas Roth earlier this year showed how tapping the EC2 service allowed him to crack Wi-Fi passwords in a fraction of the time and for a fraction of the cost of using his own computing gear. For about $1.68, he used special “Cluster GPU Instances” of the Amazon cloud to carry out brute-force cracks that allowed him to access a WPA-PSK protected network in about 20 minutes.

And in late 2009, a ZeuS-based banking trojan used the popular Amazon service as a command and control channel that issued software updates and malicious instructions to PCs that were infected by the malware.

More information can be found here (full Bloomberg article)

UP4B offers a wide range of process and network analysis to make sure that your network is protected against what is really important for your business: information leak, network protection (penetration testing,…), network availability and more.

Feel free to contact us for more information on our IT Security services and get your company IT Sec ready.

Tags: , , , ,