GamesBeat

Security expert: Sony used outdated software before Playstation Network breach

When hackers cracked the Playstation network and stole sensitive information from more than 100 milli users, Sony on was running the network on older versions of the Apache Web server software, a security expert said in a testimony to Congress Wednesday.

Purdue University security expert Dr. Gene Spafford told Congress that security experts knew Sony was running outdated versions of the Apache Web server software that did not have a firewall installed. Sony said hackers were able to breach the PSN and steal sensitive data while the company was fending off denial of service attacks from Anonymous, an online hacker group that typically takes up politically charged causes.

“My personal conclusion from reviews of reports in the press and discussions at professional meetings is that operators of these systems… continue to run outmoded, flawed software, fail to follow some basic good practices of security and privacy, and often have insufficient training or support,” Spafford said in his testimony to Congress.

Anonymous attacked Sony’s network after it tried to prosecute George Hotz, a hacker who reverse-engineered his Playstation 3 to run unauthorized programs. It said in a press release early this morning that it was not responsible for stealing any sensitive information or credit card data from Sony’s PSN — stating that it really didn’t fit the modus operandi of the hacktivist group that’s typically more concerned with disrupting company operations.

Unknown hackers attacked the PSN on April 19, forcing the Japanese company to bring down the network, which has more than 77 million registered users. The nightmare then continued after hackers broke into the company’s Station.com site, which serves as a host for its PC games like Everquest. Hackers were able to steal information from as many as 24.6 million accounts on that site, according to Sony. In all, more than 100 million accounts might have been compromised.

The PlayStation Network is a critical service that competes with Microsoft’s Xbox Live online gaming service — as well as other online gaming services. There are also 948 games now available in the PlayStation Network store, as well as 4,000 pieces of add-on content for games. You can find a timeline for the Playstation Network outage and credit card information theft scandal here, courtesy of VentureBeat’s gaming guru Dean Takahashi.

We’ll be exploring the most disruptive game technologies and business models at our third annual GamesBeat 2011 conference, on July 12-13 at the Palace Hotel in San Francisco. It will focus on the disruptive trends in the mobile games market. GamesBeat is co-located with our MobileBeat 2011 conference this year. To register, click on this link. Sponsors can message us at sponsors@venturebeat.com.

Screen Shot 2014-03-25 at 2.00.11 PMGamesBeat 2014 — VentureBeat’s sixth annual event on disruption in the video game market — is coming up on Sept 15-16 in San Francisco. Purchase one of the first 50 tickets and save $400!

Trackbacks

  1. [...] is the wholesale pwnage of various Sony units, some because Sony’s gross negligence of failing to install updated versions of web server [...]

  2. tabairlines says:

    […] practices of security and privacy, and often have insufficient training or support,” according to a report Thursday by VentureBeat. The report says hackers were able to breach the network and steal data while Sony was fending off […]

GamesBeat is your source for gaming news and reviews. But it's also home to the best articles from gamers, developers, and other folks outside of the traditional press. Register or log in to join our community of writers. You can even make a few bucks publishing stories here! Learn more.

You are now an esteemed member of the GamesBeat community. That means you can comment on stories or post your own to GB Unfiltered (look for the "New Post" link by mousing over your name in the red bar up top). But first, why don't you fill out your via your ?

About GamesBeat