Discussion of the May 2011 SOE downtime. Now largely retired, as servers have been restored as of May 14 2011.

Moderator: Littlabit

Forum rules
"SAN DIEGO, May 14, 2011 - Sony Online Entertainment LLC (SOE) announced today that restoration of its game services will begin today. The phased restoration will include the return of nearly all of SOE's portfolio of online games, the reinstatement of SOE's game forums and websites, and added functionality to require players to reset their passwords."
Post Reply
User avatar
Posts: 774
Joined: Fri Nov 26, 2010 11:31 am
Location: The Siskiyou Mts of Southern Oregon


Post by Zahashah »

The Official Timeline Of The Playstation Network Breach…Outage Ongoing With No ETA
Posted by Isaac Steinberg on May 4, 2011 in Featured, PS3, Sony | Comments View Comments

So, why did it take so long for Sony to come clean on the breach? The original letter from Congress asked directly. Sony claims it wasn’t until April 25th, a full six days into the shutdown of PSN, that it knew the scope of the breach.

Sony first mentioned external intrusion on April 23rd, and then did not go into detail on the matter until April 26th. Sony maintains that “announcing partial or tentative information to consumers could cause confusion and lead them to take unnecessary actions if the information was not fully corroborated by forensic evidence.”

We beg to differ, this sounds more like Sony’s reputation was more important to them than taking every caution and letting its users know from day one that a breach in personal information was possible. What are you thoughts, please let us know in the comments or tweet us on Twitter @IDWT.

Tuesday, April 19 at 4:15PM PDT: Sony Network Entertainment America network team noticed several PSN servers in the San Diego, California data center re-booting when they weren’t scheduled to do so, and that “unplanned and unusual activity was taking place on the network.” Four servers were taken offline and an internal assessment began on the quartet. This continued through the evening.

Wednesday, April 20th: SNEA expanded the internal team to continue assessment of these four servers. By early afternoon, it discovered “the first credible indications that an intruder had been in the PlayStation network systems” and identified six more servers that might’ve been compromised. Additionally, there was “evidence that indicated an unauthorized intrusion had occurred and that data of some kind had been transferred off the PlayStation Network servers without authorization,” but it was unable to determine exactly what type of data has been transferred.

Later that afternoon, SNEA retains a “recognized security firm and forensic consulting firm to mirror the servers to enable forensic analysis to begin.” The letter here notes that many hours were needed to simply mirror the servers — by the afternoon of Friday, April 22nd, nine of the 10 servers were completely mirrored.

Thursday, April 21st: A second “recognized computer security and forensic consulting firm” was brought in to assist.

Friday, April 22nd: SCEA’s general counsel provided the FBI with information about the intrusion. “The forensic experts that Sony Network Entertainment America had retained had not determined the scope or effect of the intrusion at the time the FBI was contacted. A meeting was set up to provide details to law enforcement” for Wednesday, April 27 — five days later.

Saturday, April 23rd: Forensic teams confirm that intruders had managed to “obtain unauthorized access, hide their presence from system administrators, and escalate privileges inside the servers.” deleted log files to hide the extent of their work. The PlayStation Blog blames the downtime on an “external intrusion.”

Sunday, April 24th (Easter): Now that Sony “knew it was dealing with a sophisticated hacker,” it retains yet another firm. “Specifically, this firm was retained provide even more manpower for forensic analysis… and, in particular, to use their special skills to determine scope of the data theft.”

Monday, April 25th: Sony is able to confirm “the scope of the personal data that they believed had been taken but could not rule out whether credit card information had been accessed.” Sony still could not determine if credit card information had been accessed — “while no evidence existed… we ultimately could not rule out that possibility entirely based on the reports of the forensics team.”

Tuesday, April 26th: Sony makes its first public announcement, outlining what was taken and warning that credit card information might have been compromised. Seeing million or so fingers pointed in its direction, hacker collective Anonymous denies responsibility (“For Once We Didn’t Do It”). SNEA notifies “applicable regulatory authorities” in New Jersey, Maryland, and New Hampshire of the criminal intrusion. Sony says some services are expected to be restored “within a week,” which would’ve been May 3rd.

Wednesday, April 27th: SNEA notifies the regulatory authorities in Hawaii, Louisiana, Maine, Massachusetts, Missouri, New York, North Carolina, South Carolina, Virginia, and Puerto Rico. The PlayStation Blog publishes its first Q&A follow-up.

Thursday, April 28th: Q&A number two for the PlayStation Blog. It’s revealed both the Department of Homeland Security and FBI are investigating.

Friday, April 29th: The US House of Representatives’ Subcommittee on Commerce, Manufacturing, and Trade — send a letter to Hirai along with a list of questions and concerns.

Saturday, April 30th: Sony announces a press conference for the following day.

Sunday, May 1st: Kaz Hirai holds an afternoon press conference in Tokyo to outline what portions of the PlayStation Network will be restored this week and do introduce the forthcoming “Welcome Back” program. The investigation brings light that Sony Online Entertainment was also breached.

Monday, May 2nd: SOE servers are shut down. Later that afternoon, the company issues a press release announcing the extent of the breach.

Wednesday, May 4th: Hirai sends an eight-page response to Congress.

“Whether those who participated in the denial of services attacks were conspirators or whether they were simply duped into providing cover for a very clever thief, we may never know. In any case, those who participated in the denial of service attacks should understand that — whether they knew it or not — they were aiding in a well planned, well executed, large-scale theft that left not only Sony a victim, but also Sony’s many customers around the world.”


Sony removes 2500 'names and partial addresses' from exposed Sony website [Update: Not PSN related!]

by Christopher Grant on May 7th 2011 10:15AM

PlayStation Network

Update 11:15am: After some followup with our Japanese correspondant (Thanks, Ittousai!) we've updated the below story. Notably, the data was not from the PSN breach; rather, it was obtained from a publicly exposed file on Sony's own website, as revealed in this tweet two days ago. It's unclear what Reuters meant when it reported that the information "had been stolen by hackers and posted on a website" that Sony subsequently removed. It appears that Sony was able to remove the data from the website because ... it was Sony's own website! While this isn't related to the PSN attack, it is similarly emblematic of Sony's overall inability to protect sensitive customer data. You'll find our original (and erroneous) report after the break.

Update 11:56am: Included Sony's statement under More Coverage.

ORIGINAL: A report from Reuters' Tokyo branch reveals that the data lifted from PlayStation Network over two weeks ago had made its way from your life to Sony's servers into hacker's hands and finally, from there, onto an unnamed website. "Sony said on Saturday it had removed from the Internet the names and partial addresses of 2,500 sweepstakes contestants that had been stolen by hackers and posted on a website," Reuters reports.

Before you fret, let's detail the data a bit: It was from customers who entered a 2001 sweepstakes (Win a Free Identity Theft!) and did not include sensitive bits like credit card numbers, social security numbers, or passwords. "The website was out of date and inactive when discovered as part of the continued attacks on Sony," the beleaguered electronics company said. It's unclear how Sony was able to remove the website as quickly as it evidently did. Late last night, Sony re-adjusted its timeline for reactivating PSN, originally expected to be back online in some form this week, citing the need for further testing.

Playstation Outage: Sony asked for it says hacker

May 8, 2011 6:23 PM EDT

Hackers have been causing repeated havoc on Sony networks over the last month, but the devastation is a product of their own making according to a hacker intimately intertwined with the company.

(Photo: Reuters)<br>Sony Corp's Executive Deputy President Kazuo Hirai sits in front of a screen showing how their data was hacked at a news conference to apologise for a massive security breach of its PlayStation Network in Tokyo May 1, 2011. Hirai, the frontrunner to take over the top job at Sony Corp, apologised on Sunday for a security breach that allowed hackers to gain access to personal information on 77 million accounts for its PlayStation Network service.

George Hotz, a hacker that Sony recently sued, said that the company was essentially asking to be attacked with what he describes as a mix of hubris and defiance towards the hacker community.

"The fault lies with the executives who declared a war on hackers, laughed at the idea of people penetrating the fortress that once was Sony, whined incessantly about piracy, and kept hiring more lawyers when they really needed to hire good security experts," Hotz said in his official blog. "Alienating the hacker community is not a good idea."

For weeks Sony has been in the crosshairs on digital vigilantes, forcing the company to shut down several services and issue public apologies and reparations to customers affected.

In April Sony was forced to take down its massive Playstation gaming network after attackers infiltrated and acquired personal data on nearly 80 million customers -- one of the largest security breaches in history.

Services have yet to be restored as the company wants to "test the system's strength in these respects."

Then, on Monday, Sony learned SOE, which runs games such as DC Universe Online, had also been attacked, affecting an additional 24 million accounts.

The origins spur from a lawsuit brought against a hardware Hotz, who for months have been posting exploits of the Playstation 3 system onto his personal website.

In perusing Hotz and those who gained access to his information, Sony teamed with Internet Service Providers, Paypal and even YouTube to gain access to the IP addresses of users who viewed the content.

That move became a rallying cry for hackers to organize and take aim at the Japanese giant, decrying what it saw to be gross violations of digital privacy.

One group, calling it self Anonymous, said that the move was "just the beginning" and that it would "not forgive" the company for its "privacy invasion."

"Where the judicial system has failed, Anonymous will persevere, by standing up for the rights of everyone, not just those who dared to challenge these corporations," the group said on April 14, calling its members to action.

But of the havoc following the company since the first spat with Hotz, the hacker says that he is not involved.

"To anyone who thinks I was involved in any way with this, I'm not crazy, and would prefer to not have the FBI knocking on my door," he said.


Sony Ponders Reward Offer As It Insists PSN’s Security Was Up-to-Date
By Owen Good on May 9, 2011 at 3:00 AM

Sony is weighing whether to offer a reward for information on the hackers behind the massive PlayStation Network outage, now in its 18th day, CNET reports. Its potential amount was not mentioned.

Quoting unidentified sources, CNET said Sony is discussing the pros and cons of such a decision but has yet to get any go-ahead from the company’s senior executives in Tokyo. Any reward offered would be done in cooperation with law enforcement in multiple countries, including the FBI, currently investigating the attack on PSN’s data centre in San Diego.

Separately, Sony denied allegations, made in Congressional testimony on Thursday, that its servers were not running under the most current security update and that they had lacked basic measures of protection such as firewalls.

“The previous network for Sony Network Entertainment International and Sony Online Entertaiment used servers that were patched and updated recently, and had multiple security measures in place, including firewalls,” said Patrick Seybold, the top spokesman for PlayStation, according to CNET.

CNET also has a copy of Sony’s May 5 reply to Sen. Richard Blumenthal (D-Conn.), who on April 26 had demanded answers from the company as to the scope of the data breach, and assurances that consumers’ personal information is adequately protected.

The reply, by Kazuo Hirai, president of Sony Computer Entertainment, goes into greater detail on the April 19 attack that brought down PlayStation Network, saying hackers “had used very sophisticated and aggressive techniques to obtain unauthorized access to the servers and hide their presence from the system administrators.”

The full reply, which contains details previously discussed in Sony’s response to a U.S. House of Representatives committee on May 4,...
(1.88 MiB) Downloaded 724 times
"It is good to have an end to journey towards:
but it is the journey that matters in the end." ~Ursula K Le Guin
User avatar
Posts: 4350
Joined: Tue Feb 27, 2007 6:01 pm
Location: TN

Re: Timeline

Post by Littlabit »

It really doesnt matter how tight their security is.. if someone wants to hack it they will. That goes for pretty much anything in life when it comes to computers, internet etc. Just hope they fix it and make it right by everyone. That will show just how much "they care" about their customers.
Littlabit D'might 115 Cleric
GL of Celestial Navigators (Mushroom follower)
"Life is too short for drama & petty things, so kiss slowly, laugh insanely, love truly and forgive quickly"
Posts: 2644
Joined: Sat Sep 05, 2009 9:48 am
Location: Dead in a ditch

Re: Timeline

Post by Tarvas »

Sony's response time line looks reasonable to me. Personally I would like to find these little shits and bet the hell out of them. Their actions have an impact beyond shutting down games.
I'm a Tank!

Ride a cowboy, save a horse
Posts: 5983
Joined: Fri Jun 10, 2005 7:33 pm
Location: Rapid City, SD, USA

Re: Timeline

Post by Goofydoofy »

It wasn't done by little shits. It was done by multi-national terrorist groups who know Americans are lazy and can't survive without their video games.
Level 115 Druid, Level 115 Enchanter, Level 115 Paladin
Drinal - Maelin Starpyre Server
User avatar
Posts: 4350
Joined: Tue Feb 27, 2007 6:01 pm
Location: TN

Re: Timeline

Post by Littlabit »

The anti war against "computer geeks are us"? Well maybe they are leaving the "whos as good as betty crocker" group alone for now :)
Littlabit D'might 115 Cleric
GL of Celestial Navigators (Mushroom follower)
"Life is too short for drama & petty things, so kiss slowly, laugh insanely, love truly and forgive quickly"
User avatar
Mindless Lemming
Posts: 216
Joined: Thu Mar 31, 2005 9:53 am
Location: Vazaelle

Re: Timeline

Post by Nlannie »

Goofydoofy wrote:It wasn't done by little shits. It was done by multi-national terrorist groups who know Americans are lazy and can't survive without their video games.

So THIS is Al-Qaeda's revenge.
User avatar
Posts: 1475
Joined: Tue Jun 03, 2008 2:06 pm

Re: Timeline

Post by Sharrien »

Goofydoofy wrote:It wasn't done by little shits. It was done by multi-national terrorist groups who know Americans are lazy and can't survive without their video games.
I'm surviving, but what kind of hellish existance is this?? Enduring the pointless mediocrity of enforced reality is driving me mad!!!
Savage Spirit Sharrien Dreamstalker, Grand Master of all Tradeskills
Primal Elementalist Ravingronn Blazewarden, Master Artisan, Master Researcher
Post Reply