Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Security Case Study 2011 Playstation Network Hack

Published byDidier Laviolette Modified over 6 years ago

Similar presentations

Presentation on theme: "Cyber Security Case Study 2011 Playstation Network Hack"— Presentation transcript:

1 Cyber Security Case Study 2011 Playstation Network Hack
Abdul Muhid Abdul Rahim & Stephen Asamoah

2 What Happened? In April of 2011 Sony’s PSN network was hacked
This left users without the online service for weeks It was later discovered that the security breach leaked personal information of possibly 77 million uses It was later discovered that the leakage also could have released important credit card details What Happened? Between the days of the 17 to 19 of April 2011, sony’s playstation network service was involved in oen of the largest security breaches in a long time It had come out that the data of possibly 77 million people worldwide who use the PSN service, may have It was by the 20th of April that this was realized and accordingly the network was taken offline by Sony Sony issued disclaimers to their user’s to inform them of the information that was stolen including credit card information, cautioning its users to carefully monitor aspects of their online presence, such as , passwords, banking statements, etc.

3 How did they get into the system
What Happened? How did they get into the system Once in the system, it didn’t seem like there were sufficient security measures in place to prevent the hackers from exploring The attackers were able to bypass all of the firewalls and gain access to the database server and inject some sort of communication tool in the application server to gain access to all the data in the database server. Sony had some sort of server log running on these servers but somehow the hackers were able to bypass it and roam the system undetected which explains why sony didn’t initially catch the breach or the amount of information that could potentially have been stolen right away Another theory speculates that hackers made user of amazon web services to aid them in infiltrating Sony’s Playstation Network.

4 Why is this important SO, you might be wondering…
Why is it important to even discuss the hack of the playstation network in 2011? Sony, at the time and even currently is a very large company that has a lot of data about a very large number of people. A breach any of their systems (especially the playstation network system) has extreme negative implications There are some recorded incidents of lawsuits of individuals who claim their information has been used Sony seems to be no real stranger to cyber security intrusions, and a prominent company despised by many hacker groups. Their cybersecurity prowess and public reaction have brought them under public eye scrutiny before As an effect, they’re not highly regarded among these hacker groups, one of the possible reasons they have been targeted

5 Who’s responsible The truth of the matter is that it’s quite difficult to tell who actually was responsible for the attack It is currently unknown who the actual purpetrator is, but much speculation suggests a rogue member of the “Anonymous” hack group may be to blame for the hack “Anonymous” hack group denied having organized this attack on the Playstation Network

6 Who Does This Effect Sony Entertainment and its users.
Obviously, this large security breach was quite important to the 77 million users whose data may have potentially been stolen The breach is also important to even people who didn’t necessarily use playstation network at the time, but may have used other services offered by the company Childrens/Teens who used their guardian’s credentials Sony’s budget and reputation has been severely damaged. It gives hackers a motivation to hack their weak defensive system Users online presence, such as , passwords, banking statements, etc. User’s PSN info may have been corrupted or damaged (ex: trophies, collections, etc), giving a reason for to change consoles/platforms.

7 History 2005 - First major cybersecurity issue with the public
George Hotz, publicly released the information of how to hack in the PS3 and to obtain the master key. Current Hack we are talking about! Hacker Group Lizard Squad Takes Down Sony's PlayStation Network - Stole 100 TB of data CD and DVD discs were illegally used and redistributed. Sony placed DRM that crippled the OS rootkit modification software to prevent redistribution. Rootkit increased susceptibility, caused an outbreak with the public, encouraged attackers to hack more. A hacker group called “failoverflow” discovered a way to hack into the playstation 3 and presented these details at a hacking association meeting called Chaos Communication Congress.

8 Cybersecurity issues at play
SQL Injection An SQL injection attack exploits this database communication method to make the database reveal information that it isn’t meant to. Identity theft Identity theft is the theft of online identity, which includes personal information as well as banking information SQL Injection Unsanitized Input Injection - This is a common type of SQL injection attack in which the hacker takes advantage of the way that a websites input (especially text) may be configured with respect to executing queries. Blind SQL Injection - This is another common type of SQL injection attack where the hacker doesn’t even directly gain access to relations that the’re not meant to, but rather gets information through reactional cues they observe from the system when certain input is given. Out of Band Injection - This is a less common, but also quite destructive SQL injection method in which the hacker through a series of queries will make the target system to create a connection with their own system to essentially steal data or make the system do other things Credential fraud There were even some cases of lawsuits spawning from users who had some sort of credit card or identity theft occur, as a result of the information leakage.

9 Conclusion Sony is strengthening their cybersecurity issues, however, anything can happen, especially with Sony’s History. PSN users need to be more cautious of the sensitive information they store. Users also need to be more cautious of the credential information, as well as any other personal information, they store in PSN as well as anywhere else online. If an attacker is successful in breaching into the system, users’ information will be stolen leaving them defenceless and dry. Some basic measures users are suggested in taking are to make sure their passwords and other personal informations are unique, complex, and vary from system to system

Download ppt "Cyber Security Case Study 2011 Playstation Network Hack"

Similar presentations

Cyber Security and the Global Business Environment Jeremy Schaar:)

Cyber Security and the Global Business Environment Jeremy Schaar:)
Protection from Internet Theft By James Seegars. What Is Hacking? Definition – A)To change or alter(Computer Program) – B) To gain access to (a computer.

Protection from Internet Theft By James Seegars. What Is Hacking? Definition – A)To change or alter(Computer Program) – B) To gain access to (a computer.
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.

ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
Greg Lamb. Introduction It is clear that we as consumers and entrepreneurs cannot expect complete privacy when discussing business matters. However… There.

Greg Lamb. Introduction It is clear that we as consumers and entrepreneurs cannot expect complete privacy when discussing business matters. However… There.
By Ashlee Parton, Kimmy McCoy, & Labdhi Shah

By Ashlee Parton, Kimmy McCoy, & Labdhi Shah
Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.
Wonga example Register Question- What risks do you think businesses face due to IT developments?

Wonga example Register Question- What risks do you think businesses face due to IT developments?
Sam Cook April 18, 2013. Overview What is penetration testing? Performing a penetration test Styles of penetration testing Tools of the trade.

Sam Cook April 18, Overview What is penetration testing? Performing a penetration test Styles of penetration testing Tools of the trade.
How It Applies In A Virtual World

How It Applies In A Virtual World
Computer Hacking By: Caleb Herring Katie Edom. What is Computer Hacking Computer Hacking is defined as one who uses programming skills to access, legally.

Computer Hacking By: Caleb Herring Katie Edom. What is Computer Hacking Computer Hacking is defined as one who uses programming skills to access, legally.
COMPUTER CRIME AND TYPES OF CRIME Prepared by: NURUL FATIHAH BT ANAS.

COMPUTER CRIME AND TYPES OF CRIME Prepared by: NURUL FATIHAH BT ANAS.
Www.softwareassist.net Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.

Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.
報告者:劉旭哲 Anonymous: We didn't hack PlayStation Network.

報告者:劉旭哲 Anonymous: We didn't hack PlayStation Network.
Threat to I.T Security By Otis Powers. Hacking Hacking is a big threat to society because it could expose secrets of the I.T industry that perhaps should.

Threat to I.T Security By Otis Powers. Hacking Hacking is a big threat to society because it could expose secrets of the I.T industry that perhaps should.
People use the internet more and more these days so it is very important that we make sure everyone is safe and knows what can happen and how to prevent.

People use the internet more and more these days so it is very important that we make sure everyone is safe and knows what can happen and how to prevent.
-Tyler. Social/Ethical Concern Security -Sony’s Playstation Network (PSN) hacked in April 2011 -Hacker gained access to personal information -May have.

-Tyler. Social/Ethical Concern Security -Sony’s Playstation Network (PSN) hacked in April Hacker gained access to personal information -May have.
Password Security Everything (well… a lot, anyway) you didn’t know, or want to, but really actually need to.

Password Security Everything (well… a lot, anyway) you didn’t know, or want to, but really actually need to.
Phishing scams Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal.

Phishing scams Phishing is the fraudulent practice of sending s purporting to be from reputable companies in order to induce individuals to reveal.
Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.

Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.
Topic 5: Basic Security.

Topic 5: Basic Security.

Similar presentations

Ads by Google