you're reading...

PSN: Insider info or Insider attack

Journalism always intrigues me.
Today Bloomburg, without announcing their source, implicated access to Amazon EC2 in the attack on PSN.
Speculation is rife on the exact nature of the attack on PSN and SOE, just have a search on blogs for lots of theories on how the attack was organised or performed.
EC2 is certainly an excellent way of performing large scale computational tasks, and possibly attacks, as long as you can keep your true identity a secret and, a separate issue, access untraceable.
The most likely theory put forward so far is that a disgruntled SOE employ, a significant number were made redundant in March 2011, organised or perpetrated the attack through knowledge or access that should have been fixed/removed on the removal of said persons. Inside access/knowledge is the bane of all security measures.
Thus, as has been previously mentioned, the OpSony organised by Anonymous could merely have been used as cover.
Veracode have put together a blog entry that covers many of the propositions and postulations. It is an excellent read, with some of the history thrown in too.
We are highly unlikely to hear from Sony further on the root cause, unless the break all history on these issues and trace specific individuals and instigate legal action.


– Posted using BlogPress

About harlekwinblog

"Thoughts of an idle mind." Information Security professional.


No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: