Following on from my recent whine over Sony and the PSN outage, I’ve a few more things to say.
Many have been quick to label Sony as incompetent following the attack and you can certainly understand why. However putting it in perspective, its not like they left our valuable data sat on a train or on some public FTP site, they were hacked. Without knowing the intricate details we can’t really judge how poor the security was. For all we know the Xbox Live databases could be more vulnerable but the hackers just targeted Sony and if I’m not mistaken Steam hardly has a great record. This wouldn’t be the first time that a website has been hacked and data stolen but the difference is a combination of scale of the attack and the fact that we’ve seen a long and public downtime.
I am a little surprised how the SOE intrusion has rather slipped under the radar. The fact that direct debit details were leaked for several countries is absolutely massive, perhaps more so than the main attack. I am very thankful that I don’t have any Sony Online titles, plus of course not living in the relevant countries.
What did rather impress me was the lengths that they went to in order to investigate the issue. They’ve taken it VERY seriously and have been rather cautious, which is a good thing. They could have just tried to quickly block off the attack or cover it up but they haven’t. Various security companies and even the FBI have been involved in getting to the bottom of the issues, tracking down the hackers and getting everything back up. They’ve taken their time (sweet time you might say) to have a thorough look into the issue and look to be taking strong measures for their return. Whilst I am frustrated at not being able to get online, this is undoubtably for the best and a great opportunity for Sony to actually fix things. Rushing it back up could lead to further attacks much sooner.
The question left is, do we return? For starters I’ll be updating my info so that Mr De Velion lives in 123 Fake Street and any credit cards on their will be axed. I would hope that given the time taken before restoring the service and the massive damage caused to their reputation that when it returns, PSN’s security will be stronger than ever, more than their competitors. There are without a doubt less secure websites with me personal details and no doubt credit card details as well, which is worrying in itself, however what keeps me concerned is that I firmly believe that the intention of the hack wasn’t to get data but to hurt Sony. Even if there are less secure targets with the same information, I can see Sony being a target once again.
Here’s hoping that the scumbags who’ve done this to Sony and of course us get whats coming to them. I’m sure the PSN will recover but there will always be that seed of doubt in people’s mind, certainly mine.