How Lizard Squad Stole Christmas

[Shamus Young]

How Lizard Squad Stole Christmas

Shamus sets the record straight on the "hack" that took down the PlayStation and Xbox Live networks on Christmas day.

Read Full Article

 

[Barbas]

Once again, this was very illuminating. Thank you. Interesting site, by the way.

 

[rofltehcat]

I keep wondering: People always talk about computers when discussing botnets but what about smartphones? Looking at what stuff my parents' foster child downloads onto his phone I'd expect there to be millions of smartphones waiting for orders. The downloading behaviour of some friends of mine doesn't seem very safe either.

 

[StriderShinryu]

Solid article, though it still gives LS too much credit in implying that they had to have hacking knowledge/ability to access a botnet. I would have also liked to see mention of this sort of attack being possible on any gaming service given that part of the refrain following the attack was basically "Well, I'm a PC user so I don't care and it couldn't happen to me! Haha!" There is no reason a botnet couldn't be aimed at Steam just as easily as it was aimed at PSN and XBL. Yes, you'd still be able to play your games (as you largely could on PS4/XBOne if you knew what to do), but all of the online functionality including the store would be just as inaccessible as it was on console.

Anyway, I would imagine, and hope, that both Sony and MS patch their systems to provide better online/offline checks such that if their services do go down again you don't need to know any sort of solution and the system just goes offline on it's own.

 

[Pyrian]

Anybody else guessing that the networks just failed under Christmas morning pressure and there wasn't any significant DDOS at all? The suits have little incentive to admit culpability when they can just point at the sort of low level attacks they probably endure on a daily basis anyway.

 

[Sniper Team 4]

I found the thing a minor annoyance simply because I couldn't check in with friends, but I was still able to play games just fine. Thankfully most of my games are single player and don't require it to be hooked into the internet. I got a message saying, "Log in to access The Keep" when I fired up Dragon Age: Inquisition, but that was the last of it.

And excellent point about Microsoft's original plan to force the Xbox One to be online. I thought it was a bad idea because not everyone has reliable internet, or the internet at all, but the idea that an attack could force the system to shut down and thus turn your console into a paperweight didn't occur to me.

And yeah, that guy giving away free stuff to get the attack to stop? Didn't approve of that at all because yeah, now there's even more incentive for other groups to attempt this.

 

[RedEyesBlackGamer]

Anybody else guessing that the networks just failed under Christmas morning pressure and there wasn't any significant DDOS at all? The suits have little incentive to admit culpability when they can just point at the sort of low level attacks they probably endure on a daily basis anyway.

Lizard Squad said they were going to do that on Christmas on Twitter, apparently. So chances are there was an actual DDOS.

 

[Tanis]

Ya know what would be nice?

A tut on how to see if your PC is compromised and could be a bot.

I use MalwareBytes + SpybotSD + Win Defender, but I'm still worried that some idiot family member might have gotten something on my computer.

Plus, I seem to fix their crap on a weekly basis.

 

[Slegiar Dryke]

For as horrible as this year has been for cyber security issues, if the big companies don't learn from it, I doubt they EVER will until some SERIOUSLY big staff turnover occurs at the very highest levels of marketing and decision making. these people, for the most part, DO NOT understand the "toys" they play with for that extra bit of marketing buzz. It's pathetic and further highlights the issues visible between the growing power of technology and the cyber world, and the ineptitude of the people who effectively """matter""" over the ones who actually know what they're doing.

 

[Pyrian]

...significant DDOS...

So chances are there was an actual DDOS.

Sure, but there basically always is. If it hadn't been there, would the servers still have faltered under legitimate demand?

 

[Tohron]

I keep wondering: People always talk about computers when discussing botnets but what about smartphones? Looking at what stuff my parents' foster child downloads onto his phone I'd expect there to be millions of smartphones waiting for orders. The downloading behaviour of some friends of mine doesn't seem very safe either.

It's not just smartphones - another target for botnet creators is online appliances. It's becoming more common for household appliances to come with minor online conveniences - and the security surrounding them is rather lax (plus it's really difficult to determine whether an appliance is infected).

 

[Pyrian]

A tut on how to see if your PC is compromised and could be a bot.

I use MalwareBytes + SpybotSD + Win Defender, but I'm still worried that some idiot family member might have gotten something on my computer.

There are products specifically for botnets. I can't honestly tell you how well they work. My experience is that there is absolutely no on-computer dedicated program that will detect new malware for one to two weeks; it's almost as if the hackers can easily test their new packages against the latest AV programs or something /sarcasm. Luckily they don't seem to spread inside LAN's as easily as the old terrors used to. (Maybe that's intentional. The easiest way to find out your LAN is compromised is when the whole thing is compromised.)

We used to monitor the firewall. You'd be surprised at how easily normal browsing can be distinguished from malware at that level. Computer N5 is contacting unknown foreign sites with no DNS entry? Wipe.

 

[Vivi22]

Anybody else guessing that the networks just failed under Christmas morning pressure and there wasn't any significant DDOS at all? The suits have little incentive to admit culpability when they can just point at the sort of low level attacks they probably endure on a daily basis anyway.

Unlikely honestly. Sony and Microsoft would have to be even dumber than I already think they are to either not plan for an influx of new customers at Christmas, or to vastly underestimate how much traffic their servers would see. The former would be a mistake so stupid I don't have words for it, and the latter is unlikely because they of all people should know how many of their consoles are being sold in the lead up to Christmas and be upping their capacity accordingly.

 

[MoltenSilver]

This really shouldn't be something we have to keep hammering over and over again, but apparently in the world we live in it does; where both companies, and the consumers they keep trying to screw, need to be reminded as often as possible that these server setups are not reliable in any sense, and absolutely unfit for purpose for the direction these companies keep trying to pull. The last section of this article needs to be truly taken to heart by as many people as possible. At this point I almost wish the Xbox 1 had stuck with online only so that Christmas could finally have been the catastrophe big enough to kill this whole online-only concept stone dead forever.

"Well, I'm a PC user so I don't care and it couldn't happen to me! Haha!" There is no reason a botnet couldn't be aimed at Steam just as easily as it was aimed at PSN and XBL. Yes, you'd still be able to play your games (as you largely could on PS4/XBOne if you knew what to do), but all of the online functionality including the store would be just as inaccessible as it was on console.

Anyway, I would imagine, and hope, that both Sony and MS patch their systems to provide better online/offline checks such that if their services do go down again you don't need to know any sort of solution and the system just goes offline on it's own.

While I take your point about sneering Glorious Master Race PC users mocking console owners as being sadly very true regarding their naivety, one thing I must point out is that a big part of the reason Steam doesn't catch flak the same way Microsoft, Sony, EA, Blizzard etc do is because it was built with the offline mode and the assumption people can't be connected 24/7 as a principle of its design, and while it had a rocky start it was given attention and fixed. On the other hand, all of the others listed above were (as far as I can tell from my perch as consumer with only the public actions to interpret their intentions) built entirely with the assumption that everyone has uninterrupted internet and their servers were flawless with offline being a mere neglected afterthought (if at all, if Microsoft had their way). Essentially, its done exactly what you suggested all these other corporations should do from right out of the gate, and apparently, given the low bar of competence set by the others, that's a rather praiseworthy decision in itself.

 

[Pyrian]

Sony and Microsoft would have to be even dumber than I already think they are to either not plan for an influx of new customers at Christmas, or to vastly underestimate how much traffic their servers would see.

This would be a more compelling argument if it weren't for the fact that virtually every popular game sees server overload at release.

 

[RhombusHatesYou]

I'm still worried that some idiot family member might have gotten something on my computer.

Heh... You could always do what I've done when I've shared living space with others - put password barriers on the BIOS and the OS. I really don't like other people touching my computer without my knowledge.

 

[SandroTheMaster]

Sony and Microsoft would have to be even dumber than I already think they are to either not plan for an influx of new customers at Christmas, or to vastly underestimate how much traffic their servers would see.

This would be a more compelling argument if it weren't for the fact that virtually every popular game sees server overload at release.

Or... you know... the great Diablo III launch fiasco, where if it wasn't the servers committing suicide it was the installs and downloads messing up somehow. If it wasn't that it was the log-in breaking the connection in such new and inventive ways it required you to CREATE A NEW WINDOWS ACCOUNT AND PLAY IT FROM THERE. And if you somehow miraculously jumped over all these hops, the lag was so massive you could actually die in the Normal Difficulty. Until you were kicked out of the game and lost a couple levels worth of progress, that is (gold and all). And I can't believe I SUFFERED ALL OF THESE and still came back for that game afterwards. It's like Stockholm Syndrome. Yeeesh.

 

[RealRT]

Wow, when I opened the article, I didn't expect for it to actually explain to me HOW did the Lizard Squad "steal Christmas". Thank you for another great piece of insight, Shamus.

 

[Eve Charm]

Maybe I need a tin foil hat or something but is it just me that thinks the whole "Lizard squad we're being hacked!" is just a clever cover up for the networks ALWAYS going down at christmas when there are new system owners, new games and every one of them needs gigs of updates to even work out of the box.

I assume MS just got their crap together first since it had more servers then sony.

 

[Redlin5_v1legacy]

Strange that I should already know this just by skimming and lurking on the internet already. Botnets I've known about for years and the vulnerability of inexorably tying someone's product experience to an online service that may be vulnerable to this kind of attack at anytime seems obvious. Incredibly obvious.

So...

Why don't any of the marketers and executives know anything about this?

Pessimistically, the know and don't care. Realistically they don't have the time of day for their engineers. They're the people who make the wheels turn after all, not the ones who direct them one way or the next.

I don't want more Lizard Squads or Lulzsecs in the future but if companies keep making it this easy... *shrug*

Seems like personal internet security is more important than ever before folks. Just watch where you click.