Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Intrusion Forces PlayStation Network Offline

PlayStation Network Hacked – Updated 04/24 8:55AM

PlayStation Network Hacked – Updated 04/24 8:55AM

After being offline for a majority of the last three days, Sony has come forward with an update regarding the status of its PlayStation Network, the platform that connects millions of PlayStation users for online play and content.

PlayStation Network Suffers IntrusionAfter a period of silence, and keeping millions of gamers itching to get answers on when they’d be back in action with online play, a Sony representative posted a note on Friday night, saying that its systems had suffered from an external intrusion that has affected the PlayStation Network and Qriocity services. (Qriocity is Sony’s streaming music and video service.)

The intrusion doesn’t appear to be what knocked out the service however, as Sony said it purposely “turned off the PlayStation Network & Qriocity services” on Wednesday night so it could conduct an investigation.

On Thursday, April 21, Patrick Seybold, Sr. Director, Corporate Communications & Social Media at Sony Network Entertainment, posted a generic message online, saying no more than, “We’re aware certain functions of PlayStation Network are down. We will report back here as soon as we can with more information.” Seybold later posted a update, letting gamers know they shouldn’t get their hopes up for a quick return to service. In that note, Seybold said, “While we are investigating the cause of the Network outage, we wanted to alert you that it may be a full day or two before we’re able to get the service completely back up and running.”

On Saturday night, Seybold posted another update, saying that Sony was working around the clock to bring the systems back online. “Our efforts to resolve this matter involve re-building our system to further strengthen our network infrastructure. Though this task is time-consuming, we decided it was worth the time necessary to provide the system with additional security,” Seybold wrote in a blog post.

While it’s not known who is responsible for the intrusion, many were initially pointing fingers at Anonymous, the “Hacktivist” group that gained much visibility over Wikileaks and music industry related attacks. The group had recently targeted Sony Web properties with DDoS attacks in response to a lawsuit that Sony had filed against Georg Hotz, an American hacker who discovered how to unlock (jailbreak) the PlayStation 3 console’s operating system.

Anonymous Attacks SonySony argued in the suit that Hotz breached the Digital Millennium Copyright Act and other laws after he published an encryption key and software tools online to enable other PlayStation “unlock” their consoles, something that also may enable users to play pirated copies of games. Sony and Hotz agreed to a settlement on March 31, 2011. Hotz’s motion to dismiss for lack of personal jurisdiction was still pending before the federal court in San Francisco but a preliminary injunction was issued requiring Hotz to take down the postings challenged by SCEA.

But the Anonymous group says it’s not behind this week’s outage, saying, “For Once We Didn’t Do It.” In a post to the site the group uses to update the world on its latest initiatives, the group wrote, “While it could be the case that other Anons have acted by themselves AnonOps was not related to this incident and takes no responsibility for it. A more likely explanation is that Sony is taking advantage of Anonymous’ previous ill-will towards the company to distract users from the fact the outage is actually an internal problem with the companies servers.”

The details of the intrusion are unclear at this point, and Sony has not provided any additional information, including if any user data was compromised in the event. We have reached out to Sony for comment and have not heard back. SecurityWeek will continue to provide additional details as we gather more information.

Advertisement. Scroll to continue reading.
Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Cybercrime

Cloud company Rackspace has completed its investigation into the recent ransomware attack and found that the hackers did access some customer resources.