Incidents

Return of the Playstation Network

Today is May 17, almost exactly a month after the massive breach of Sony’s PSN network. If you live in North America then you may be pleased to know that the Playstation network has finally come back online. Due to the enormous amount of subscribers to the service, the restart has been a bit shaky, with reports of password reset emails clogging ISP mail servers. Despite the hiccups, it seems that the service is gradually returning.

If you are a customer of the Sony service, you will need to immediately change your password as well as install a firmware update to your system. Sony has pledged a much stronger security environment to its customers and partners, and this appears to be the beginning of many changes. Sony has previously stated that they have rebuilt the entire network from scratch and moved their PSN infrastructure to a new data center in an undisclosed location. I’m not sure why this emphasis on security wasn’t a focus of the original model, but maybe Sony can prevent future mishaps. Perhaps all the additional outside scrutiny will help, but only time will tell.

With the return of its online services Sony is offering a “welcome back” package to its customers. The details vary by region, but it generally consists of two free games, some time-limited free access to premium services, and some free game related content. Is this enough? Customers appear to be flocking back to the online service in droves. At this time there are no reports of any of the customers leaked data being used against them. As the breach is so recent, it may take some time for criminals to make use of the data.

Here at Kaspersky Lab we recommend that you always use strong passwords, and use only one per site. Keep a close eye on any emails alleging that they are from Sony or its affiliates, especially if they ask for any personal details. Additionally, if you had entered any credit card information into the online service, now is the time to pay extra attention to any charges or strange activity or perhaps consider cancelling altogether. Sony has promised to offer credit monitoring services to its customers where available, and it would be in your best interest to take advantage of this. Hopefully the size and scope of this breach will work as a wake-up call to other online services with such large databases of personal information to take better care of their most important resource; their customers.

Return of the Playstation Network

Your email address will not be published. Required fields are marked *

 

Reports

GhostEmperor: From ProxyLogon to kernel mode

While investigating a recent rise of attacks against Exchange servers, we noticed a recurring cluster of activity that appeared in several distinct compromised networks. With a long-standing operation, high profile victims, advanced toolset and no affinity to a known threat actor, we decided to dub the cluster GhostEmperor.

APT trends report Q2 2021

This is our latest summary of advanced persistent threat (APT) activity, focusing on significant events that we observed during Q2 2021: attacks against Microsoft Exchange servers, APT29 and APT31 activities, targeting campaigns, etc.

LuminousMoth APT: Sweeping attacks for the chosen few

We recently came across unusual APT activity that was detected in high volumes, albeit most likely aimed at a few targets of interest. Further analysis revealed that the actor, which we dubbed LuminousMoth, shows an affinity to the HoneyMyte group, otherwise known as Mustang Panda.

Subscribe to our weekly e-mails

The hottest research right in your inbox