The Christmas Hacksauce

It is Christmas time, and all around the consoles, a lot of wailing was heard…

 

psnandxbox

both under attack

XBox Live and Playstation Network (PSN) has come under attack, yet again, keeping gamers offline, and forcing them to spend Christmas with their family (or TV reruns)

Already in 2011, PSN (and Qriocity) was attacked, resulting in 77 million accounts compromised, along with credit-card details and other information useful to criminals. As a result Sony gave away a selection of cheap games in compensation, answered a set of questions from the US House of Representatives, and reported that they upgraded their security.

 

Since then, PSN has suffered repeated Denial-of-Service attacks from various parties, and even a bomb-scares against a flight with a PSN Exec on board, supposedly for the fun coming from a plane being re-routed.

 

Please accept YouTube cookies to play this video. By accepting you will be accessing content from YouTube, a service provided by an external third party.

YouTube privacy policy

If you accept this notice, your choice will be saved and the page will refresh.

Denial-of-Service just means someone is scripting a simple, but significant, attack on a service like PSN, taking it offline or breaking connections, and is in itself not really intruding into the service or the hosts behind it. It can, however, be used in parallel with other more sofisticated attacks, though nothing is showing that this is case currently

It is generally said that renting a “bot-net” for e.g. flooding a network costs from 67USD for 24 hours, depending on location, with costs up to 300USD for a set of machines located in Canada or the UK. This is naturally peanuts compared to what mitigating these attacks costs, and the potential costs from loss of business.

 

Following one of the previous attacks, Sony Computer Entertainment (SCE) and Microsoft were informed by so-called “white-hat” hackers of various flaws in their systems, though whether these were actual flaws or if there was something to be fix, remains unknown to the public. Either way, it seems that there are things in these services yet to be fixed and us gamers should do our part to remind the companies that they are selling us a service, and they need to ensure its availability and security.

psn

PSN

These Denial-of-Service attacks tend to abuse flaws in the internet, and other companies’ services (like DNS), to amplify attacks up to 200x; a request is amplified to multiple replies, with the replies being sent to the actual target. As long as other companies have these flawed services, Denial-of-Service attacks are too easy to pull off.

 

The recent attack on Sony Pictures, supposedly due to the movie The Interview, is unrelated, and uses a very different approach called Spear Phishing (e.g. targetted emails) and Social Engineering.

 

Games on PSN and Live unfortunately tend to be tightly integrated into the services, meaning an attack on PSN or Live can make it impossible to play games, even if the game-servers are up. Modern games, like Dumpstiny, using an online-only model even for solo-play, meaning an attack on PSN is an attack on Blurpstiny too – now, no-one can grind Grind-Metal in Grindstiny

xboxlive

XBox Live

Some of these attacks have to be mitigated at the companies providing the internet access to Sony and Microsoft, meaning fixing things right now is not just on Live and PSN, but also at other companies, who have to bring in technicians and analyse traffic to determine what to reject or reroute. If the lines into these service is flooded even before reaching the end-point, there is precious little to be done on the end-point hosts.

Either way, not only Sony and Microsoft have to rethink their designs, but also the game-developers that make their games require PSN and Live for any type of gaming; not having offline options in games with solo-play, is simply setting your (paying) customers up for problems.

 

So far only reason given by those claiming to do the attacks, is that it is fun, to show companies that their security is lax, and that they want “likes” on Twitter; they have taken to demand an ever-increasing number of followers, and retweets on Twitter, to stop the attack on Sony. This is after reports of having been paid by Kim Dotcom to cease their attack.

Note: Some people online are suggesting to reset or re-initialize your console, to get it back online – do NOT do this, as it will delete all your data, and very unlikely to help.

 

To see the current status of XBox Live, go here: http://support.xbox.com/en-US/xbox-live-status

To see status on PSN, go here: https://support.us.playstation.com/app/answers/detail/a_id/237 or here https://downdetector.com/status/playstation-network

 

Bammsters cannot confirm that the ongoing attacks are purely based on flooding, but notes that no evidence of more sophisticated attacks have surfaced at the time of reading.