Sony PlayStation Network attack shows Amazon EC2 a hackers' paradise
Amazon's cloud-based Infrastructure-as-a-service (IaaS) EC2 which leases compute power was used by hackers to siphon off personal details of over 80 million users from Sony's PlayStation Network (PSN).
Bloomberg reported that a hacker used Amazon's Elastic Computer service to assault PSN. The hacker used a proxy name to set up an account with Amazon.
Sony was compelled to shut-down the PlayStation Network in April after hackers siphoned personal data of about 80 million users. WSJ reported that Sony later confirmed that hackers had also broken into its San Diego based online unit, Sony Online Entertainment, further affecting 24.6 million users.
Amazon EC2 allows developers and companies to rent compute power which would otherwise require heavy investments in raising server farms. Amazon EC2 is primarily used for testing purposes.
However, Amazon EC2 is just not a favorite of companies looking for cost savings but has recently become a cynosure to hackers and malicious code crackers.
While the scale of the Sony PlayStation attack was unprecedented, Amazon has been in spotlight since August 2010 when two security researches used EC2 infrastructure to produce a Denial-of-service (DoS) attack against an SMB at the DEF Con 2010, a software security conference held in Las Vegas.
In January, a German researcher brought Amazon EC2 again under the scanner when he took 20 minutes to crack the password of a WPA-PSK protected network. The researcher Thomas Roth said: The networks can be broken into if hackers use enough computer power to brute force their way into figuring out the passwords that protect the wireless network.
Geek.com reported in November 2010, that Thomas Roth had used Amazon EC2 to hack 14 SHA1-encrypted hashes in 49 minutes using the brute force attack. He had used off-the-shelf CUDA Multiforcer software to aid the hack.
Amazon also came under scrutiny in December 2010 when whistle-blower site Wikileaks used its EC2 infrastructure to host its controversial diplomatic cables. Soon, Amazon purged its servers of Wikileaks' content.
Amazon EC2 charges 28 cents per minute to use its services.
The exact nature of the attack employed by hackers through Amazon EC2 to bring down the Sony PlayStation Network is still unclear. However, in a letter sent to publishers on PSN, Sony stated: The forensic teams were able to confirm that intruders had used very sophisticated and aggressive techniques to obtain unauthorized access, hide their presence from system administrators and escalate privileges inside the servers. Among other things, the intruders deleted log files in order to hide the extent of their work and activity within the network.
Brute force attack is the most unsophisticated form of hacking a password as it involves using all possible permutations of keys until the exact key is found. Hackosis explains it: If your password is 2 characters long and consists of letters and numbers - and is case sensitive, then a brute force attack would see a potential 3,844 different guesses at a password. This is because the first character lower case letters includes 26 letters + upper case letters includes 26 + numbers (10) = 62 and the second character also involves the same number 62. Thus, the total permutations are 62*62 = 3,844.
Hence, for passwords with more characters the process becomes more time consuming requiring many computers to do the mathematical calculations. It is here that Amazon EC2's compute power can be leveraged by hackers.
Cuurently Sony PSN and Qriocity services have been restored after a one month outage. Sony CEO Kazuo Hirai said the company has begun a phased restoration of most of Sony's online game play across the PS3, PSP and music services in most regions. But the issue of Amazon EC2 becoming a tool in the hands of hackers will continue to haunt Amazon.
© Copyright IBTimes 2024. All rights reserved.