Feeds

PlayStation Network hack launched from Amazon EC2

Cloud economics strikes again

Choosing a cloud hosting partner with confidence

The hackers who breached the security of Sony's PlayStation Network and gained access to sensitive data for 77 million subscribers used Amazon's web services cloud to launch the attack, Bloomberg News reported.

The attackers rented a server from Amazon's EC2 service and penetrated the popular network from there, the news outlet said, citing an unnamed person with knowledge of the matter. The hackers supplied fake information to Amazon. The account has now been closed.

Neither Sony nor Amazon commented on the claims.

Bloomberg doesn't say how Amazon's cloud service was used to mount the attack. If the report is correct, it wouldn't be the first time it's been used by hackers.

German security researcher Thomas Roth earlier this year showed how tapping the EC2 service allowed him to crack Wi-Fi passwords in a fraction of the time and for a fraction of the cost of using his own computing gear. For about $1.68, he used special “Cluster GPU Instances” of the Amazon cloud to carry out brute-force cracks that allowed him to access a WPA-PSK protected network in about 20 minutes.

And in late 2009, a ZeuS-based banking trojan used the popular Amazon service as a command and control channel that issued software updates and malicious instructions to PCs that were infected by the malware.

In both cases, those tapping the Amazon cloud did so as paid customers.

A top Sony executive recently implicated the Anonymous hacker collective in the PSN attack but has so far provided no convincing evidence to support that claim. The attack, which penetrated core parts of the gaming network, was used to steal passwords, names, addresses, ages, email addresses and other data associated with 77 million accounts.

The network has been closed for the past 23 days and Sony has provided no little indication when it will reopen. On Tuesday, the company said the exact restoration date "will likely be at least a few more days". On April 30, the company's CEO had predicted the site would reopen later that week.

The Bloomberg article is here. ®

This article was updated to add details about the timeline for restoration of the PlayStation Network.

Security for virtualized datacentres

More from The Register

next story
It's Big, it's Blue... it's simply FABLESS! IBM's chip-free future
Or why the reversal of globalisation ain't gonna 'appen
'Hmm, why CAN'T I run a water pipe through that rack of media servers?'
Leaving Las Vegas for Armenia kludging and Dubai dune bashing
Bitcasa bins $10-a-month Infinite storage offer
Firm cites 'low demand' plus 'abusers'
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
CAGE MATCH: Microsoft, Dell open co-located bit barns in Oz
Whole new species of XaaS spawning in the antipodes
Microsoft and Dell’s cloud in a box: Instant Azure for the data centre
A less painful way to run Microsoft’s private cloud
AWS pulls desktop-as-a-service from the PC
Support for PCoIP protocol means zero clients can run cloudy desktops
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.