External Intrusion of the PlayStation Network
Lecola Pierce
Strayer University
Professor Curtis Bunch
Feb 6, 2015
External Intrusion of the PlayStation Network
Sony has had recently troubles with hackers intruding into their system and threating all Sony users with the capability of stealing all users’ information, but there was a case on April 20, 2011 that had all Sony employees in shock. One of Sony’s bestselling products, the PlayStation, was taken offline after their company discovered there was an intrusion in the PlayStation Network. For those who are not familiar with the PlayStation Network this is where most of the PlayStation business is done. In the PlayStation Network customers are all registered into this network and most have sensitive information uploaded onto the network including payment information. Hacking this interface would allow access to all users’ personal information which is considered to be a serious problem since one out of four homes either have a PlayStation 3 or PlayStation 4, which all must be registered onto the system before activation. The hackers were able to gain access to three separate gaming systems including PlayStation, Oriocity, and Sony online gaming. Before Sony was able to shut down their systems approximately over a million credit card numbers were reported stolen.
It’s not certain exactly when the hackers gained access to the Sony Network but Sony first announced the system had been hacked on April 22, saying an external intrusion had taken place on its systems between April 17 and 19 (Pepitone, 2011). Sony didn’t officially shut down their systems until April 20, two days before they officially reported the news to the media. It wasn’t until April 27 when Sony reported that the hackers actually gained access to personal information that was on the Sony network including credit card information of several of the users. This eventually put 77 million customers who used Sony at risk of their personal information being stolen, since Sony didn’t have any idea of how much information the hackers actually gained. On May 2, Sony discovered another one of their systems had been hacked which couldn’t come off as good news to the corporation who were already trying to recover from the first attack. Sony Online Entertainment took its Web services offline after revealing that hackers also gained access to its databases of subscriber information (Quinn & Arthur, 2011). It seemed as if every network had been hacked of Sony which only left them to shut down all systems until the intrusion could be further investigated and dealt with. Once this was discovered it was reported approximately 25 million accounts may have been stolen, but they did offer a sigh of relief for few since only personal information was taken not financial details. The hackers were only able to obtain the financial information from an international outdated database.
Sony discussed with the public the reason of delay for releasing the information on the systems being hacked. One Sony official stated there was a delay in the announcement to better gather information and perform an investigation of what actually happened before spreading fear to the customers of the possibilities. Another official stated that Sony wanted to try to find the source of the intruders before given information to the public due to fear of the hackers finding out that Sony was aware of the activities that were going on. When Sony realized their system was under attack they should have investigated possible vulnerabilities of the system to figure out exactly how the hackers could have intruded the system before shutting the whole network down. They also could have took the risk of setting a trap for the hackers in order to attempt to back track the source of the intrusion to attempt to catch the people who were responsible for the attack. I believe the Sony forensics teams could have provided a quicker analysis of the situation and the damage control but I believe they felt it was an inside job. This is the only thing that would explain for all of their systems to be hacked at the same. I feel as if they felt the same way which explains why it took so long for them to release to the public that the systems were hacked. If a system is hacked the corporation is to notify everyone that is potentially involved 24 hours of the discovered attack. References

Pepitone, J. (2011, May 10). Massive hack blows crater in Sony brand. Retrieved February 4, 2015, from CNN Money: http://money.cnn.com/2011/05/10/technology/sony_hack_fallout/
Quinn, B., & Arthur, C. (2011, April 26). PlayStation Network hackers access data of 77 million users. Retrieved February 4, 2015, from The Guardian: http://www.theguardian.com/technology/2011/apr/26/playstation-network-hackers-data