Cyber Security Case Study 2011 Playstation Network Hack

Slides:



Advertisements
Similar presentations
Cyber Security and the Global Business Environment Jeremy Schaar:)
Advertisements

Protection from Internet Theft By James Seegars. What Is Hacking? Definition – A)To change or alter(Computer Program) – B) To gain access to (a computer.
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
Greg Lamb. Introduction It is clear that we as consumers and entrepreneurs cannot expect complete privacy when discussing business matters. However… There.
By Ashlee Parton, Kimmy McCoy, & Labdhi Shah
Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.
Wonga example Register Question- What risks do you think businesses face due to IT developments?
Sam Cook April 18, Overview What is penetration testing? Performing a penetration test Styles of penetration testing Tools of the trade.
How It Applies In A Virtual World
Computer Hacking By: Caleb Herring Katie Edom. What is Computer Hacking Computer Hacking is defined as one who uses programming skills to access, legally.
COMPUTER CRIME AND TYPES OF CRIME Prepared by: NURUL FATIHAH BT ANAS.
Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.
報告者:劉旭哲 Anonymous: We didn't hack PlayStation Network.
Threat to I.T Security By Otis Powers. Hacking Hacking is a big threat to society because it could expose secrets of the I.T industry that perhaps should.
People use the internet more and more these days so it is very important that we make sure everyone is safe and knows what can happen and how to prevent.
-Tyler. Social/Ethical Concern Security -Sony’s Playstation Network (PSN) hacked in April Hacker gained access to personal information -May have.
Password Security Everything (well… a lot, anyway) you didn’t know, or want to, but really actually need to.
Phishing scams Phishing is the fraudulent practice of sending s purporting to be from reputable companies in order to induce individuals to reveal.
Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.
Topic 5: Basic Security.
MANAGING RISK. CYBER CRIME The use of the internet and developments in IT bring with it a risk of cyber crime. Credit card details are stolen, hackers.
Computer Security By Duncan Hall.
INTRODUCTION & QUESTIONS.
Information Systems Design and Development Security Risks Computing Science.
Scott Hervoyavich December 6 th, 2011 CYBERCRIME.
Zeus Virus By: Chris Foley. Overview  What is Zeus  What Zeus Did  The FBI investigation  The virus for phones  Removal and detection  Conclusion.
Social Impacts of IT: P6 By André Sammut. Social Impacts IT impacts our life both in good ways and bad ways. Multiplayer Games Social Networks Anti-social.
Allison Gladkowski.  About privacy and why it matters  Spyware and spam vocabulary and examples  Identity theft  Unapproved access  Today's big issues.
Unit 4 Protecting Your Information Section C. Chapter 1, Slide 2Starting Out with Visual Basic 3 rd EditionIntroduction to ComputersUnit 4C – Protecting.
Technical Implementation: Security Risks
AP CSP: Identifying People with Data and The Cost of Free
PATIENT IDENTITY RESOLUTION FOR SMARTER HEALTHCARE
Seminar On Ethical Hacking Submitted To: Submitted By:
Hacking Computer crime and cyber security.
Hotspot Shield Protect Your Online Identity
Lesson Objectives Aims You should be able to:
IT Security  .
A Project on CYBER SECURITY
Pre-writing topic discussion: Speak to your partner
How to build a good reputation online
E-commerce Application Security
Information Security 101 Richard Davis, Rob Laltrello.
MIS 5121: Real World Control Failure - TJX
Computer Security Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Year 10 ICT ECDL/ICDL IT Security.
Forensics Week 11.
Teaching Computing to GCSE
Five Unethical Uses of Computers
Cybersecurity Awareness
Data Security Team 1.
Security Threats Haunting the E-Commerce Industry. How Can Security Testing Help?
Protecting Your Credit
The Importance of DevSecOps
Introduction to Computers
Your Digital Footprint
HOW DO I KEEP MY COMPUTER SAFE?
Lecture 2 - SQL Injection
Chapter 1: The Need for Cybersecurity
Bethesda Cybersecurity Club
Computer Security By: Muhammed Anwar.
LO1 - Know about aspects of cyber security
Who am I?. Information Security and You: Identity Theft and Credit Card Encryption.
WJEC GCSE Computer Science
Security in mobile technologies
Dark Web Domain Status Report
Marcial Quinones-Cardona
G061 - Network Security.
Lessons Learned from Capital One Breach & More
Founded in 2002, Credit Abuse Resistance Education (CARE) educates high school and college students on the responsible use of credit and other fundamentals.
Presentation transcript:

Cyber Security Case Study 2011 Playstation Network Hack Abdul Muhid Abdul Rahim & Stephen Asamoah

What Happened? In April of 2011 Sony’s PSN network was hacked This left users without the online service for weeks It was later discovered that the security breach leaked personal information of possibly 77 million uses It was later discovered that the leakage also could have released important credit card details What Happened? Between the days of the 17 to 19 of April 2011, sony’s playstation network service was involved in oen of the largest security breaches in a long time It had come out that the data of possibly 77 million people worldwide who use the PSN service, may have It was by the 20th of April that this was realized and accordingly the network was taken offline by Sony Sony issued disclaimers to their user’s to inform them of the information that was stolen including credit card information, cautioning its users to carefully monitor aspects of their online presence, such as email, passwords, banking statements, etc.

How did they get into the system What Happened? How did they get into the system Once in the system, it didn’t seem like there were sufficient security measures in place to prevent the hackers from exploring The attackers were able to bypass all of the firewalls and gain access to the database server and inject some sort of communication tool in the application server to gain access to all the data in the database server. Sony had some sort of server log running on these servers but somehow the hackers were able to bypass it and roam the system undetected which explains why sony didn’t initially catch the breach or the amount of information that could potentially have been stolen right away Another theory speculates that hackers made user of amazon web services to aid them in infiltrating Sony’s Playstation Network.

Why is this important SO, you might be wondering… Why is it important to even discuss the hack of the playstation network in 2011? Sony, at the time and even currently is a very large company that has a lot of data about a very large number of people. A breach any of their systems (especially the playstation network system) has extreme negative implications There are some recorded incidents of lawsuits of individuals who claim their information has been used Sony seems to be no real stranger to cyber security intrusions, and a prominent company despised by many hacker groups. Their cybersecurity prowess and public reaction have brought them under public eye scrutiny before As an effect, they’re not highly regarded among these hacker groups, one of the possible reasons they have been targeted

Who’s responsible The truth of the matter is that it’s quite difficult to tell who actually was responsible for the attack It is currently unknown who the actual purpetrator is, but much speculation suggests a rogue member of the “Anonymous” hack group may be to blame for the hack “Anonymous” hack group denied having organized this attack on the Playstation Network

Who Does This Effect Sony Entertainment and its users. Obviously, this large security breach was quite important to the 77 million users whose data may have potentially been stolen The breach is also important to even people who didn’t necessarily use playstation network at the time, but may have used other services offered by the company Childrens/Teens who used their guardian’s credentials Sony’s budget and reputation has been severely damaged. It gives hackers a motivation to hack their weak defensive system Users online presence, such as email, passwords, banking statements, etc. User’s PSN info may have been corrupted or damaged (ex: trophies, collections, etc), giving a reason for to change consoles/platforms.

History 2005 - First major cybersecurity issue with the public 2010 - George Hotz, publicly released the information of how to hack in the PS3 and to obtain the master key. 2011 - Current Hack we are talking about! 2014 - Hacker Group Lizard Squad Takes Down Sony's PlayStation Network - Stole 100 TB of data CD and DVD discs were illegally used and redistributed. Sony placed DRM that crippled the OS rootkit modification software to prevent redistribution. Rootkit increased susceptibility, caused an outbreak with the public, encouraged attackers to hack more. A hacker group called “failoverflow” discovered a way to hack into the playstation 3 and presented these details at a hacking association meeting called Chaos Communication Congress.

Cybersecurity issues at play SQL Injection An SQL injection attack exploits this database communication method to make the database reveal information that it isn’t meant to. Identity theft Identity theft is the theft of online identity, which includes personal information as well as banking information SQL Injection Unsanitized Input Injection - This is a common type of SQL injection attack in which the hacker takes advantage of the way that a websites input (especially text) may be configured with respect to executing queries. Blind SQL Injection - This is another common type of SQL injection attack where the hacker doesn’t even directly gain access to relations that the’re not meant to, but rather gets information through reactional cues they observe from the system when certain input is given. Out of Band Injection - This is a less common, but also quite destructive SQL injection method in which the hacker through a series of queries will make the target system to create a connection with their own system to essentially steal data or make the system do other things Credential fraud There were even some cases of lawsuits spawning from users who had some sort of credit card or identity theft occur, as a result of the information leakage.

Conclusion Sony is strengthening their cybersecurity issues, however, anything can happen, especially with Sony’s History. PSN users need to be more cautious of the sensitive information they store. Users also need to be more cautious of the credential information, as well as any other personal information, they store in PSN as well as anywhere else online. If an attacker is successful in breaching into the system, users’ information will be stolen leaving them defenceless and dry. Some basic measures users are suggested in taking are to make sure their passwords and other personal informations are unique, complex, and vary from system to system

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.