I find it interesting how in the news more and more you hear about company breaches in security. This begs the question are hackers getting smarter? Or companies getting dumber?
Take for instance the now infamous PSN (Playstation Network) outtage. This began as a simple DDoS attack against Sony in retaliation to their police raid on a PS3 hacker who did nothing illegal other than modding a computer he owns. (It would be like buying a Sony VAIO PC and Sony saying you can't install this program on it, and them arresting you as a result).
The DDoS attack later was found to be a diversion for a well-coordinated breach into Sony's internal network, compromising their database for the PSN network. Not only was information retrieved, but tracks were covered. Logs were removed. Corporate sabotage anyone?
The Anonymous group claims responsibility for the DDoS attack, but not the breach into their network, are they lying? Question is... why would they.
Now not even a month later, Codemasters (developer/publisher) gets hacked.... And on the 13th of June (Monday) Bethesda (developer/publisher) also got hacked.
This same group who hacked Bethesda's site also claims responsibility for hacking US government websites and criticizing them for their lack of security.
I think in general companies get bigger, and security is increasingly becoming an afterthought -- the value isn't fully understood until the worst happens.
How ironic that shortly after Sony rushes out a new store system with a new agreement and authentication system (to stop people using PS3's with custom firmware online), that the very system gets hacked. Was it put through it's paces? Probably not.
These are just my observations as someone heavily involved in this industry and field.
Take for instance the now infamous PSN (Playstation Network) outtage. This began as a simple DDoS attack against Sony in retaliation to their police raid on a PS3 hacker who did nothing illegal other than modding a computer he owns. (It would be like buying a Sony VAIO PC and Sony saying you can't install this program on it, and them arresting you as a result).
The DDoS attack later was found to be a diversion for a well-coordinated breach into Sony's internal network, compromising their database for the PSN network. Not only was information retrieved, but tracks were covered. Logs were removed. Corporate sabotage anyone?
The Anonymous group claims responsibility for the DDoS attack, but not the breach into their network, are they lying? Question is... why would they.
Now not even a month later, Codemasters (developer/publisher) gets hacked.... And on the 13th of June (Monday) Bethesda (developer/publisher) also got hacked.
This same group who hacked Bethesda's site also claims responsibility for hacking US government websites and criticizing them for their lack of security.
I think in general companies get bigger, and security is increasingly becoming an afterthought -- the value isn't fully understood until the worst happens.
How ironic that shortly after Sony rushes out a new store system with a new agreement and authentication system (to stop people using PS3's with custom firmware online), that the very system gets hacked. Was it put through it's paces? Probably not.
These are just my observations as someone heavily involved in this industry and field.
Comment