Make us your home page
Instagram

Sony should have seen the warning signs of hackers

Sony Corp., besieged by hackers since April, considered its PlayStation Network an unlikely target even after threats by the online collective Anonymous and three separate security incidents in 2008.

The hacker group declared in April that it would wage a cyber war against Sony for trying to stop people from tinkering with the PlayStation 3. Three years earlier, the company faced three breaches in Europe, including one in which Sony said some PlayStation Network user data might have been stolen.

The repeated incidents should have warned Sony its online network was vulnerable, said Eugene Spafford, a computer science professor at Purdue University in West Lafayette, Ind. The failure to enact safeguards such as appointing a single chief of security may show Sony doesn't get the risks inherent in chairman and chief cxecutive officer Howard Stringer's networked strategy, he said.

Japan's Ministry of Economy, Trade and Industry said Friday it told Sony to take steps against data breaches, instructed the company to ease customer concerns over misuse of credit cards and share more information among affiliates.

Sony has struggled to keep up with the barrage that started in mid April. The Qriocity and PlayStation Network services were knocked out for almost a month, compromising data in more than 100 million accounts.

In the past week, Sony has been hit with smaller intrusions — a breach at online-service unit So-net Entertainment Corp. led to the misuse of user names and passwords of 128 customers. This week, Sony shut Web pages that were targeted in Greece, Canada, Thailand and Indonesia.

The PlayStation Network will resume in Japan, Taiwan, Singapore, Malaysia, Indonesia and Thailand today, while services in South Korea and Hong Kong will remain suspended until further notice, Sony said Friday.

"Obviously our network security didn't stop the attack and we're trying to understand why, and we've made big strides in bolstering our security," Stringer said in a May 17 interview, before the most recent incidents.

Sony believed it had "good, robust security," Stringer said. He rejected suggestions that Sony is paying for a lack of vigilance and said he was unaware of the 2008 intrusion on the PlayStation Network.

Since most users of PSN don't pay, and most threats focus on stealing credit card information, the theft of passwords and other personal data from those services appeared less likely, Stringer said.

When the April incursion started, he didn't know how serious it was, Stringer said. "I really don't think I could apologize for not knowing," he said. "It's a whole new experience for everybody at this scale."

There were warning signs. Sony was singled out for retaliation by Anonymous, the hacker group that brought down the websites of MasterCard in December, after the company sued 21-year-old George "GeoHot" Hotz for posting information on how to modify the PlayStation game console. The case was settled on March 31.

Anonymous announced its revenge campaign, "Operation Payback," on the website anonnews.org. In an early May statement, the group denied involvement in the PlayStation and Qriocity breaches, while saying some members of the loosely organized collective may have been behind it.

Sony's investigation into the cause and search for suspects in the mid-April attack is ongoing, the company said. Sony on May 23 said it may spend more than $170 million related to the hack. The company also said it discovered personal data may have been stolen from 8,500 user accounts in a music entertainment site in Greece.

Sony should have seen the warning signs of hackers 05/27/11 [Last modified: Friday, May 27, 2011 11:22pm]
Photo reprints | Article reprints

Copyright: For copyright information, please check with the distributor of this item, Bloomberg News.
    

Join the discussion: Click to view comments, add yours

Loading...
  1. Last steel beam marks construction milestone for Tom and Mary James' museum

    Growth

    ST. PETERSBURG — Tom and Mary James on Wednesday signed their names to the last steel beam framing the 105-ton stone mesa that will be built at the entrance of the museum that bears their name: the James Museum of Western and Wildlife Art.

    The topping-out ceremony of the James Museum of Western & Wildlife Art was held Wednesday morning in downtown St. Petersburg. Mary James (from left), husband Tom and Mayor Rick Kriseman signed the final beam before it was put into place. When finished, the $55 million museum at 100 Central Ave. will hold up to 500 pieces of the couple's 3,000-piece art collection. [Courtesy of James Museum of Western & Wildlife Art]
  2. Heights Public Market to host two Tampa Bay food trucks

    Business

    TAMPA — The Heights Public Market announced the first two food trucks for its "rotating stall," which will feature new restaurants every four months. Surf and Turf and Empamamas will be rolled out first.

    Heights Public Market is opening this summer inside the Tampa Armature Works building.
[SKIP O'ROURKE   |   Times file photo]

  3. Author Randy Wayne White could open St. Pete's biggest restaurant on the pier

    Food & Dining

    ST. PETERSBURG — The story begins with Yucatan shrimp.

    St. Petersburg Deputy Mayor Kanika Tomalin, pilot Mark Futch, Boca Grande, St. Petersburg Mayor Rick Kriseman, and author and businessman Randy Wayne White,  Sanibel, exit a Maule Super Rocket seaplane after taking a fight around Tampa Bay off the St. Petersburg waterfront, 6/28/17.  White and his business partners are in negotiations with the City of St. Petersburg to build a fourth Doc Ford's Rum Bar & Grille on the approach to the St. Petersburg Pier with a second event space on the pier according to White. The group met near Spa Beach after a ground breaking ceremony for the new pier. "We want to have our business open by the time the pier opens," said White. Other Dr. Ford restaurants are located on Sanibel, Captiva and Ft. Myers Beach. SCOTT KEELER   |   Times
  4. Guilty plea for WellCare Health Plans former counsel Thaddeus Bereday

    Business

    Former WellCare Health Plans general counsel Thaddeus M.S. Bereday pleaded guilty to one count of making a false statement to the Florida Medicaid program, and faces a maximum penalty of five years in federal prison. A sentencing date has not yet been set, acting U.S. Attorney W. Stephen Muldrow of the Middle District …

    WellCare Health Plans former general counsel Thaddeus M.S. Bereday, pleaded guilty to one count of making a false statement to the Florida Medicaid program, and faces a maximum penalty of five years in federal prison. A sentencing date has not yet been set, acting U.S. Attorney W. Stephen Muldrow of the Middle District of Florida stated Wednesday. [LinkedIn handout]
  5. DOT shows alternatives to former Tampa Bay Express toll lanes

    Transportation

    TAMPA — State transportation officials are evaluating at least a half-dozen alternatives to the controversial Tampa Bay interstate plan that they will workshop with the community over the next 18 months.

    Florida Department of Transportation consultant Brad Flom explains potential alternatives to adding toll lanes to Interstate 275 during a meeting Wednesday at the DOT’s Tampa office. Flom presented seven diagrams, all of which swapped toll lanes for transit, such as light rail or express bus, in the I-275 corridor from downtown Tampa to Bearss Avenue.