Sony PlayStation Back Online After DDoS Attack

A distributed denial of service attack (DDoS) by the nebulous hacking collective known as the Lizard Squad knocked out the Sony PlayStation Network (SPN) on Sunday, stranding many gamers with useless Sony PS devices for a few hours. The network is back online, but the perpetrators say that Xbox Live will be the next target.

The group, which appears to support ISIS, also sent a tweet to American Airlines this weekend claiming that there was a bomb on board a flight carrying Sony Online Entertainment president John Smedley. The flight, which had 179 passengers, was on its way to San Diego, but made an unplanned landing in Phoenix after the tweet went out. After being checked and cleared by bomb dogs, the flight got back on its way.

Sony confirmed the DDoS attack on Monday and said that there is no evidence of any personal data having been accessed—unlike in the case of the 2011 DDoS attack-and-hack that lasted for 24 days and resulted in millions of records of individual users being breached, including credit card information.

That incident affected 77 million PlayStation users with accounts on PlayStation Network, the Qriocity service and Sony Online Entertainment. The breach prompted a class-action suit brought by victims seeking financial recompense for what they alleged was Sony's negligence in data security, firewall readiness and data encryption—although it was dismissed after a US District judge found that the named plaintiffs in the suit were getting PSN services without a subscription, "and thus received the PSN services free of cost.”

This time, “the networks were taken offline due to a distributed denial of service attack. We have seen no evidence of any intrusion to the network and no evidence of any unauthorized access to users’ personal information,” Sony said. “The PlayStation Network and Sony Entertainment Network are back online and people can now enjoy the services on their PlayStation devices.”

Meanwhile, Lizard Squad has been making a lot of noise via Twitter, including making some bold claims against other organizations (example: “Just took Vatican City offline, all kuffar shall die. #ISIS #Jihad #ISIL #IS.”). It also said in a series of taunting tweets that it’s working to bring down Xbox Live as its next target, though so far no service interruptions have been noted. One example: “Sup XBL Login, just performing tests.”

Whether the threat is real or simply saber-rattling remains to be seen, but it’s clear that DDoS gambits are increasing in traffic volume and frequency.

"DDoS attacks have become the weapon of choice for the modern hacker,” said Marc Gaffan, co-founder and chief business officer at Incapsula, in an emailed comment. “Our own research supports this, finding that DDoS attacks just like the one that recently hit the PlayStation Network are up 240% in 2014. Attacks like this will continue to plague big name companies, thanks to the greater availability of resources for hackers.”

While this event was relatively short in duration, tha may not be the case for the next big targeting effort.

“Persistent DDoS attacks can sometimes last for weeks,” Gaffan said. “And in a time when anyone can Google up a 'botnet for hire' and use it to execute a 20-40Gbps attack, from several thousands of sources, organizations across the world need to re-evaluate their DDoS protection, or risk the consequences.”  

What’s Hot on Infosecurity Magazine?