The Sony Hack: Causes And Consequences

Playstation is a console of video games launched by Sony Computer and well-known around the world for high technology and great performance in games. Playstation was ready to launch the third version of their popular video game console, the Playstation III. Along with super powerful graphics processing capabilities the PSIII enchanted its audience with the promise of online gaming. To achieve this, Sony was to establish and secure a Network of players able to connect and play anytime. Unfortunately, Sony had a big lesson to learn on implementing new playing environments, securing their consoles and most importantly, their data. On April 2011, a hacker published software to “root” the newly released PSIII. As a response Sony sued this person and took follow-up actions against all those who visited the website. Soon after that they where contacted by the Anonymous Hacker Collective (AHC) who disagreed with company’s actions and started a Denial Of Service attack against them. Denial of Service (DOS) is a type of attack that massively connects the servers of a company with a myriad of false connection intents. this prevents the network to provide the service to the legitimate customers. After their attack, the AHC stoped their attacks, announcing that they would interfere with the customers’ activities. Apparently the nightmare was over for Sony, they thought the storm has passed by, but there were wrong. As the company was about to go into a total of $171 000 000.00 dollars in losses by a sophisticated second attacked not claimed by the AHC but somebody else.

The PlayStation Network served as the infrastructure for gamers of all ages to play games and interact with their friends in multiplayer battles. More than seventy seven million Sony customers had their sensitive information sitting in the Network including their names, addresses, credit card numbers, birthdays and expiration dates. The company was attacked in a very sophisticated fashion since the attackers were able to erase their traces by deleting the log files after stealing this huge amount of critical information from Sony users. The company was faced with the critics who claimed lack of transparency on the Company’s side. After a couple weeks they finally came with an explanation, and a clear picture of the attacks, most importantly, the measures they were taking to mitigate the risks of this kind of event occurring once again. After the company admitted to have identified the fault, they took all measures to prevent this kind of events affecting their customers. Sony enhanced encryption within the network, they added a new layer of security to their architecture, they installed enhanced monitoring software and hired a third party company to provide external security. They also forced all their users to generate new passwords as a way to begin a fresh start into the network. To restore the system once again the company gave free services to their users. As the biggest impact made to the company was in their reputation and perceived quality of service.

To analyze the entire situation, it is important to understand the scale and extension of the Sony business, they did not accurately map the possible risks of raise the awareness of the people into their security systems. I think one first mistake was to make a public affair out of the first rooting of the PSIII, because, as seeing in the aftermath of the case, Sony had not right to force users into its version of the software and had to the charges against the hacker George Hotz, His defense in court stated that the hardware one buys is his own and he should be able to use as he considers convenient. In the court, all sorts of consideration were widely debated. The lack of transparency appears to hurt more the reputation of a company that the admission of a fault of misconduct. It appears to me that just like in human relationships, it is easier to forget a friend for a mistake but harder to forgive a lie. This is why, it is in the best interest of any business to have a clear path of response against intrusions both in the technical operational side as in the Public Relations Side, as the spreading of a breach can motivate potential idle attackers to direct their efforts towards a particular company, Also the amount of business lost and bad reputation add up to very large amounts of money lost due to a lack of preparation. Security is an integral part of any business and it has proven to be very large topic to cover, there are so many aspects that need to be covered just by considering the possibility of an attack. There are countless reasons for a person, many times inside the organization, will want to perform or collaborate with an attack. The security personnel should be aware of all the modern ways to attack infrastructure to prevent unauthorized incursions. And if they happen, act according to a predefined plan to quantify the damage and act with transparency and celerity.

References

  1. https://en.wikipedia.org/wiki/Sony_Computer_Entertainment_America,_Inc._v._Hotz
14 May 2021
close
Your Email

By clicking “Send”, you agree to our Terms of service and  Privacy statement. We will occasionally send you account related emails.

close thanks-icon
Thanks!

Your essay sample has been sent.

Order now
exit-popup-close
exit-popup-image
Still can’t find what you need?

Order custom paper and save your time
for priority classes!

Order paper now