Sony Servers Infiltrated Abroad, Twice

[JDKJ]

That doesn't give these hackers a free pass to steal 70+ million customers their personal information and potentially credicards, along with several other thousand from other sites. I don't care how big of an asshole the company is, you don't attack victim to deter the bully. These attacks, if truly to "teach Sony a lesson", are the worst form of teaching I've seen in a while.

I haven't heard of a majority of those 70 million having their credit cards or personal information used, though. The only inconvienience most of them had was having to change their password and having PSN be down for a bit. Sony are the ones that felt the brunt of the attacks, having their credibility and wallet take a hit and having to be in a position to earn trust back from consumers. The attack was effective in the endgame.

That's a very narrow way to look at the situation. What about all the game publishers (both major and independent) who are taking a hit in their wallets? Who had a release date that just so happened to fall smack-dab in the middle of the downtime? And it's not just game publishers. The music publishers on Qriocity (both major and independent) ain't selling a thing there when that site's taken off-line. If the purpose of this nonsense is to teach Sony a lesson for whatever its done, what have the game and music publishers done that also requires that they be taught a lesson? To me, they look like innocent bystanders caught in the crossfire, taking a huge hit in their wallets.

 

[JDKJ]

That can be easily accomplished without stealing a single iota of personal data. Just do the exact same thing the hackers/crackers/whatever did, except leave the customer's data alone. Continue to do so, if need be, to prove your point.

You are aware it's entirely possible the hackers did exactly that, right? All we know is that they could have stolen customer data if they wanted. Without that potential threat, Sony doesn't have to shut down PSN and they don't lose as much money and reputation. Your posts confuse me.

According to Sony, they shut down the network long before they had determined what and how much data had been accessed.

 

[zehydra]

People need to realize that this isn't just a "gang of bored teenagers"

 

[JDKJ]

People need to realize that this isn't just a "gang of bored teenagers"

If you can tell us who it isn't, I assume you can tell us who it is. That's the more useful information and that which I'll be eagerly waiting on you to share.

If you can't tell us who it is, I assume you have no knowledge of who it isn't.

 

[The Random One]

IT security company F-Secure reports [http://www.f-secure.com/weblog/archives/00002160.html] the discovery of a phishing site recently running through the use of a Sony Thailand server. The scheme targeted an Italian credit card company. F-Secure adds that while this is a malicious hack, the server used is "probably not very important."

This is looking more and more like a William Gibson/Neil Stephenson/Cory Doctorow novel.

 

[sunburst]

According to Sony, they shut down the network long before they had determined what and how much data had been accessed.

Yeah, you're right. Didn't think my post through enough. Sony would still be in a vastly superior position if they found nothing was accessed. Would have just involved some PSN downtime easily justified by saying they want to preemptively buff their security to protect their customers.

 

[Mr.Petey]

It's not cool, it's funny.

You know why? because it's so increadibly mean to others than me.

Saw this earlier on twitter. Hilarious as an xbox owner.

Hackers: 6 Sony:0

Think you'll find the Nelson Muntz cosplay section down the hall and to your right folks. Please take the "Ha ha!" elsewhere for now. Thank you for your time ^_-

OT however this is low now. A lot of companies face cyber attacks on a daily basis, some more successful than others and it's not fair that Sony is the constant high profiletarget of lower lifeforms sucking at the teet of oxygen flowing into their basements

 

[chronobreak]

That's a very narrow way to look at the situation. What about all the publishers (both major and independent) who are taking a hit in their wallets? Who had a release date that just so happened to fall smack-dab in the middle of the downtime? And it's not just game publishers. The music publishers on Qriocity ain't selling a thing there when that site's taken off-line. If the purpose of this nonsense is to teach Sony a lesson for whatever its done, what have the publishers done that also requires that they be taught a lesson? To me, they look like innocent bystanders caught in the crossfire, taking a huge hit in their wallets.

Not knowing who these people are, I guess I would assume anything else was considered collateral damage by the hackers, right? A specified attack for a specific purpose that affected a broad array of services, which to me seems like what they might want to accomplish, or at least what any attacker (or terrorist, which is more like what these guys are) would consider a succesful operation. Affect multiple targets using minimal resources. Of course I don't think it is necessarily right or fair, but I doubt they took Qriocity or publishers into consideration. I guess they could also argue that anybody doing business with Sony is an acceptable target.

 

[JDKJ]

That's a very narrow way to look at the situation. What about all the publishers (both major and independent) who are taking a hit in their wallets? Who had a release date that just so happened to fall smack-dab in the middle of the downtime? And it's not just game publishers. The music publishers on Qriocity ain't selling a thing there when that site's taken off-line. If the purpose of this nonsense is to teach Sony a lesson for whatever its done, what have the publishers done that also requires that they be taught a lesson? To me, they look like innocent bystanders caught in the crossfire, taking a huge hit in their wallets.

Not knowing who these people are, I guess I would assume anything else was considered collateral damage by the hackers, right? A specified attack for a specific purpose that affected a broad array of services, which to me seems like what they might want to accomplish, or at least what any attacker (or terrorist, which is more like what these guys are) would consider a succesful operation. Affect multiple targets using minimal resources. Of course I don't think it is necessarily right or fair, but I doubt they took Qriocity or publishers into consideration. I guess they could also argue that anybody doing business with Sony is an acceptable target.

Not if you look at the situation in the same way as did Anonymous (not to suggest they're in any way involved with anything more than a DDoS). They acknowledged that the collateral consequences of their DDoS attack on Sony (i.e., the damage to the consuming public) was undermining their own efforts to make whatever political statement they were trying to make. The more innocent victims that become collateral damage to a terrorist attack, is, I assume, the more unlikely that the terrorists will garner public support to their cause. Besides, collateral victims tend to make a terrorist organization look like bungling idiots who can't manage to take out their intended target without also taking out everyone else within a ten block radius.

 

[Jumplion]

If Sony were a My little Pony, it would have a bull's eye on it's rump.
This what happens when your try to restrict your customers' services.

....by stealing millions of people's information and continuing to harass the customer?

See, I never understood the argument of "this is what happens when you do this and this and this and yadda yadda yadda" because it's not helping their cause in any way whatsoever. If these hackers wanted to send a message of "don't fuck with your consumers", then their M.O. isn't exactly the best way to show that message.

Does Sony deserve some of this? Probably, I have no idea at this point. Do the consumers deserve this shit? I don't think so, no. Any semblance of altruism in these hackers must be filtered through their warped sense of justice. But they're not "for the people". They weren't the moment they stole the customer's information, the people that some say they're trying to defend, which is absolutely ridiculous.

Now it's just assholery. These continued hacks do nothing to support any cause, they're just dicks at this point.

Actually the hackers never stated an intent. In fact, no one truly knows who they are.

Yeah, that was somewhat my point. These hackers have never really shown us their true "intent", anything else is just presumption, and considering that they've stolen millions of people's data, along with causing various developers/publishers to feel the burn as well, somehow I doubt this was an altruistic attack...

 

[Snotnarok]

A company screws up, make them pay for it, don't make the people pay for it. This is exactly what they're doing, making the people pay and it's just not the right thing to do.

 

[Nitro_Hedgehog]

this probably would not have happened if Sony had not gone out of their way to attempt to prosecute the dude who released the master code to the PS3. (in my opinion anyway)

this is just the community's way of saying "don't screw with us". i don't support hacking a big, powerful company just because they do unethical things but Sony earned their bad karma this time around...

 

[MurderousToaster]

This is, to be honest, going beyond the "Hey, Sony fucked up a bit, give them a break." territory and into the "Seriously, guys? How shit can your security possibly be?" area.

 

[googleback]

So is like the cool thing to do now?

Because if it is these people need to get a life and stop.

Yeah, that's how it appears. I think Hacking Sony has become a sort of in joke among hackers...

 

[Firehound]

Saw this earlier on twitter. Hilarious as an xbox owner.

Hackers: 6 Sony:0

Seriously, Sony, get your act together.

 

[samsonguy920]

If Sony were a My little Pony, it would have a bull's eye on it's rump.
This what happens when your try to restrict your customers' services.

....by stealing millions of people's information and continuing to harass the customer?

See, I never understood the argument of "this is what happens when you do this and this and this and yadda yadda yadda" because it's not helping their cause in any way whatsoever. If these hackers wanted to send a message of "don't fuck with your consumers", then their M.O. isn't exactly the best way to show that message.

Does Sony deserve some of this? Probably, I have no idea at this point. Do the consumers deserve this shit? I don't think so, no. Any semblance of altruism in these hackers must be filtered through their warped sense of justice. But they're not "for the people". They weren't the moment they stole the customer's information, the people that some say they're trying to defend, which is absolutely ridiculous.

Now it's just assholery. These continued hacks do nothing to support any cause, they're just dicks at this point.

Yes it is assholery but the thing is Sony wouldn't have been targeted if they hadn't tried to stop people from jail-breaking the PS3, or given them reason to. Once people started screwing around with the PS3, it was only a matter of time before someone used that knowledge maliciously.

There is nothing justified in this. There is robbing a bank for what is in the teller drawers, and then there is robbing the bank for what is in the safety deposit boxes. The first doesn't hurt the customers at all(except for a small pinch from each taxpayer to reimburse the FDIC), the second doesn't hurt the bank but steals from the customers. The latter is what is going on here and these people need to be found and put in jail. Dragged in the streets first and then thrown in the lockup.
If these people want to hurt Sony, then they need to be finding Sony's own personal and financial info, not every customers'.
Addendum:

Seriously, Sony, get your act together.

Considering these attacks are on completely different servers and are targeting different things than before, it is fallacy to expect Sony to be on top of this. If there is one thing that should be taken seriously, it is the fact that these hackers are getting away with too much shit that is only hurting regular people like you or me. Where the hell are the federal governments on this? Where are the laws that will actually put hackers behind bars for a decent amount of time? This is going on because these dipshits know they can get away with it. Not just because they are hard to find, but because when they do get caught they will only get a slap on the wrist.

 

[JDKJ]

If Sony were a My little Pony, it would have a bull's eye on it's rump.
This what happens when your try to restrict your customers' services.

....by stealing millions of people's information and continuing to harass the customer?

See, I never understood the argument of "this is what happens when you do this and this and this and yadda yadda yadda" because it's not helping their cause in any way whatsoever. If these hackers wanted to send a message of "don't fuck with your consumers", then their M.O. isn't exactly the best way to show that message.

Does Sony deserve some of this? Probably, I have no idea at this point. Do the consumers deserve this shit? I don't think so, no. Any semblance of altruism in these hackers must be filtered through their warped sense of justice. But they're not "for the people". They weren't the moment they stole the customer's information, the people that some say they're trying to defend, which is absolutely ridiculous.

Now it's just assholery. These continued hacks do nothing to support any cause, they're just dicks at this point.

Yes it is assholery but the thing is Sony wouldn't have been targeted if they hadn't tried to stop people from jail-breaking the PS3, or given them reason to. Once people started screwing around with the PS3, it was only a matter of time before someone used that knowledge maliciously.

There is nothing justified in this. There is robbing a bank for what is in the teller drawers, and then there is robbing the bank for what is in the safety deposit boxes. The first doesn't hurt the customers at all(except for a small pinch from each taxpayer to reimburse the FDIC), the second doesn't hurt the bank but steals from the customers. The latter is what is going on here and these people need to be found and put in jail. Dragged in the streets first and then thrown in the lockup.
If these people want to hurt Sony, then they need to be finding Sony's own personal and financial info, not every customers'.
Addendum:

Seriously, Sony, get your act together.

Considering these attacks are on completely different servers and are targeting different things than before, it is fallacy to expect Sony to be on top of this. If there is one thing that should be taken seriously, it is the fact that these hackers are getting away with too much shit that is only hurting regular people like you or me. Where the hell are the federal governments on this? Where are the laws that will actually put hackers behind bars for a decent amount of time? This is going on because these dipshits know they can get away with it. Not just because they are hard to find, but because when they do get caught they will only get a slap on the wrist.

I dunno 'bout that "slap on the wrist" you claim. The federal wire fraud statute (which covers cyber-crimes) carries a maximum prison sentence of 20 years on each count. Albert Gonzalez, the guy who masterminded the TJ Maxx hack, got a 20 year federal prison sentence. That's no "slap on the wrist." Plus, as part of his plea agreement, he had to forfeit a Miami condo, a BMW 330i, a Tiffany diamond ring, three Rolex watches, and more than $1.65 million in cash.