Sony Rebuilding PlayStation Network (PSN) – Down 4 Days So Far


There’s been a few big stories in the past few days, one is of course the whole iPhone geo-location data tracking thing – but everyone was too busy checking into Foursquare to complain about that.

The other is that the Sony PlayStation Network (PSN) basically got hacked, owned and raped. It’s still currently down and according to Sony is being completely rebuilt to be more secure, so far it’s been down for 4 days.

The outage of Sony’s PlayStation Network and Qriocity service, now in its fourth day, looks set to continue after the company said on Sunday that it is “rebuilding” its system to better guard against attacks.

Sony said on Saturday that the outage was caused by an “external intrusion” into the network, but has yet to detail the problem.

The PlayStation Network is used for PlayStation 3 online gaming and sales of software to consoles and the PlayStation Portable. The Qriocity service runs on the same network infrastructure and provides audio and video to Sony consumer electronics products. The latest update, while not explaining the intrusion, pointed towards it being relatively sophisticated.

“Our efforts to resolve this matter involve rebuilding our system to further strengthen our network infrastructure,” the company said in a statement. “Though this task is time-consuming, we decided it was worth the time necessary to provide the system with additional security.”

I bet there’s a lot of gaming addicts out there jonesing to get their fix, I’d imagine it’s a top priority for Sony to get this back up and running especially as they were planning to major updates. They haven’t as yet given any kind of indication as to how long it’s going to take them to fix it.

I’d estimate they should be done before the end of this week, more than 7 days down is suicide for this kind of online model.


Sony said it is “working around the clock to bring them both back online,” but didn’t say when they might return. Phone calls to the company’s Tokyo headquarters went unanswered on Sunday.

“We thank you for your patience to date and ask for a little more while we move towards completion of this project,” the statement said.

The outage has left PlayStation 3 owners unable to play online games. Networked gaming, in which gamers collaborate with others in real-time battles, challenges and quests, is very popular and typically enjoyed by millions, especially over the weekend.

I’d imagine we’ll be seeing some kinda of announcement by Sony about this fairly shortly – they can’t be leaving millions of frustrated gamers in the dark. I’d be interested to see some kind of details regarding the intrusion too.

How did they get in? How serious was it? Did they use some kind of mythical 0-day exploit?

From what we know about Sony though, I wouldn’t hold your breath on the details..

Source: Network World

Posted in: Hacking News

, , , , , , , ,


Latest Posts:


Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.


3 Responses to Sony Rebuilding PlayStation Network (PSN) – Down 4 Days So Far

  1. Ashley Burton April 25, 2011 at 3:59 pm #

    Seems like a pretty serious breach, I assume that when they said “we decided it was worth the time necessary to provide the system with additional security” that they didn’t have an option since the attacker(s) would simply repeat the attack or exploit the next in a series of vulnerabilities.

    With a bit of luck we’ll get an explanation for how it all happened, though if it’s an embarrassing security hole and no actual data has been lost/misappropriated I can imagine them just keeping quiet.

  2. DeborahS April 26, 2011 at 7:37 am #

    Wonder if it had anything to do with Anonymous’ LOIC DDOS attacks to voice their disapproval of Sony’s “persecution” of the hacker who figured out how to restore OtherOS (or something like that, I don’t remember all the details). I read that they weren’t any too happy when Sony said they were going to bring in some big security guns to prevent them from succeeding with any more DDOS-ing. Last I heard, Anonymous was plotting their little IRC hearts out about what they would do if Sony did that.

    I of course have absolutely no idea, but I wonder… The timing seems a little bit too exact to be purely coincidence, but then you never know about these things.

    • Darknet April 26, 2011 at 8:09 am #

      AnonOps have confirmed they were not involved in this attack. Of course they can’t categorically state that someone from Anonymous hasn’t worked alone on this. But the main collective wasn’t behind this attack (although you are right, they do currently have a cyber jihad against Sony).