Report: Amazon cloud servers used to hack PSN

Saturday, 14 May 2011 14:28 GMT By Stephany Nunneley

A report over on Bloomberg states that Amazon cloud servers were used to attack PSN.

To the Cloud
Citing an anonymous source, the report (via Venture Beat) states that the account with Amazon was legitimate, although the hackers used an alias to set up the data center rental agreement.

Once the account with Amazon’s Elastic Compute Cloud service for web-based business was launched, the hacker attacked the PSN servers. Obviously, the account with Amazon has since been shuttered.

Amazon both declined to comment on the source’s claims to Bloomberg, and there’s no word whether or not the legal officials involved will be able to trace the culprit through the service or not.

SCEA’s Patrick Seybold told Bloomberg that since the investigation into the hacking of PSN was still ongoing, it “will not comment further on this matter.”

Sony sends a letter

Meanwhile, Sony’s SVP of publisher relations, Rob Dyer, has corresponded with the company’s publishing and development partners and in the letter stated it was a “top priority to restore,” PSN and “see that business is returned to usual as soon as possible.”

“We are working around the clock to restore service, but will do so only when we can ensure that the network can operate safely and securely,” he wrote. “In the meantime, we greatly appreciate your patience, understanding and goodwill.”

The letter, posted by Industry Gamers, goes on to explain what happened that fateful day back in April, and said the hackers used “very sophisticated and aggressive techniques to obtain unauthorized access, hide their presence from system administrators and escalate privileges inside the servers.”

Dyer then went on to describe exactly what Sony was doing to “give consumers peace of mind,” as well as secure the firm’s security systems moving forward by enhancing the network infrastructure.

The letter goes on to state that the firm is doing the following:

“Adding additional automated software monitoring and configuration management to help defend against new attacks; implementing enhanced levels of data protection and encryption, as well as additional penetration and vulnerability testing; employing new capabilities to detect software intrusions within the network, unauthorized access and unusual activity patterns; installing additional firewalls; expediting a planned move of the system to a new data center in a different location with enhanced security; and hiring a new Chief Information Security Officer.”

Looking ahead, Dyer stated that after the new measures are in place, the firm is “confident,” that its “consumer data will be protected by some of the best security measures available today.”

“As a valued partner we aim to keep the lines of communication open so that you are aware of our progress,” he said in closing. “Our focus has been to confirm the security of the networks, protect customer data and get the services back on line as quickly as possible. We will do our best to respond to all of your inquiries and we will do everything we possibly can to support you.

“We are doing everything we can to bring these services back online as soon as possible. We will update you with more information as soon as we can, but please call your account executive if you have further questions. We thank you for your patience and look forward to moving ahead together in the months and years to come.”

Sony took the PSN network offline on April 19, and SOE took its severs offline on May 1. The firm has yet to state when all servers will be brought back online, but has said it will be “soon,” and will rolled out intermittently as each of the networks offerings becomes secure.

Latest