(adsbygoogle = window.adsbygoogle || []).push({}); Interview: Specialist Says 'All Gaming Companies Should Prepare for Sony-Like Attack'[/u]
Source: You must login or register to view this content. | By: Tristan | May 17th, 2011

Since the Playstation Network outage is still the talk of the year, it's time for some old news that follows up into some 'new' news. Playstation Network has just came online, but Sony is still working on the Playstation Store, for various reasons, like giving us the 'Welcome Back' package, maybe ALOT newer DLC, games, etc. And in my state at least (Alaska), PSN has been turning on & off every once in awhile, which is unknown to me, nor can I find any of this online. So that being said, not everything in the Playstation Network scene is 100%.

It also isn't just us gamers who're getting affected by the PSN outage & Playstation Store, developers as well have been in 'struggle-mode', such as Capcom, You must login or register to view this content.. It is also said that game developers might be losing more money than Sony has, which is highly unlikely.

In this interview; it is with a company that is ran by the name of Akamai, an industry leader in 'cloud security & defense against hackers'. The interview is about the Playstation Network breach & what developers / game companies linked to Playstation Network / 3 should do to stay on the safe side of things. The man representing Akamai is Kris Alexander, whom is Chief Strategist for Connected Devices and Gaming, he will be talking about future attacks & how to 'counter-attack' hackers in the future.

I know this may be a 'tl;dr' thing, but it actually a really good read. Read it only if you have the time, leave a response!

-
Interviewer / Reporter | Kris Alexander / Akamai
-

In the aftermath of the attack, was Sony's reaction proper or could the situation have been handled better? What means could have been used by Sony to avoid this hack attack or prevent it?

I can’t speak for Sony. However, this is a broader issue in the game industry. Attacks are coming more frequently, in greater numbers, and various approaches (ranging from brute force to very subtle). Gaming businesses need to approach security as an on-going proactive plan that incorporates multi-faceted defense strategies that will fight against as many types of potential attacks as possible. Malicious attackers are striking from many different areas, so gaming companies, and virtually any company that operates online needs to be prepared for the varying types of attacks.

Sony’s hack attack was a DDoS attack, which has led to a mass security breach and plagued their PSN service for several weeks now. With such a sophisticated hacking method utilized, what is the most viable option to combat such attacks and was Sony’s shutdown of their PSN service the best method to do so?

Since attacks and attack methods can vary, there is often not one best option for mitigating risks, but a combination of methods that need to be used based on the online service and situation. Think of it like a door: one lock isn't enough because someone can figure out how to break through. You need many locks and new forms of defense as break-ins become more sophisticated. We recommend our customers implement multiple technology tools to mitigate multiple risks.

Akamai uses this strategy to ensure that both our network, and the networks of our customers are not compromised in the event of an attack. For example, in Q4 2010, some retailers saw traffic spikes and having the Akamai platform in place in advance proved critical. Our customers ended up preventing $15 million in lost revenue.

With Sony now a victim to this type of attack, what steps does Sony need to take to ensure their system is strengthened to combat future DDoS attacks and what should other companies look for when setting up future or upgrading their current security system?

I cannot comment on Sony's specific situation, but I can provide examples of best practices for particular situations. Companies with an online presence need a better understanding of how cyber attacks occur, and to understand the sheer scale of the effects they can have on a business.

Has this attack revealed vulnerability for all online gaming services, in your opinion? Or has it shown that more precautions need to be taken to ensure their network is properly guarded against potential attacks?

This is a major area of concern right now, and has put the vulnerability of gaming services in the spotlight. The gaming industry has always been an attractive target because of the large online communities with personal information, the potential of gaining competitive advantages in games, and the high profile nature of many of the businesses or game titles. The gaming industry is often ahead of the rest of the software industry in terms of new technologies and business models that other companies may not see for another few years. This means that the gaming industry often encounters new risks and challenges earlier than other businesses. As obstacles become more apparent, all businesses have the opportunity to learn and be proactive in mitigating those risks.

In the case of security, the opportunity starts with becoming educated on what types of attacks your company might be most susceptible to. Any company that conducts business online is potentially at risk for DDoS or other methods of attack. And as the sophistication of hacker methods increases, so should the defense solutions that these companies utilize.

Sony utilizes Cloud based storage services for select PSN members. As of late, Cloud based storage solutions have been on the rise, however, the technology hasn’t been widely utilized due to fear of hacks and system crashes. What is being done to safeguard cloud-based storage a solution from such personal identity breaches similar to the one of Sony’s PSN?

Like the Internet, the cloud is imperfect, which is why sophisticated security solutions are imperative. Akamai’s strategy to protecting cloud-based storage of its customers includes a number of cloud storage services and platform-as-a-service customers. Many of them do leverage our security stack, which includes things like layer 7 aware, Web Application Firewalling, for instance, to stop malicious application level hacking attempts and plug vulnerabilities.

Thanks to You must login or register to view this content. for the interview![/color]

Yea if you piss some people off they will hack you anymore.

right on the money, i hope other companies learn from this and upgrade there firewalls as well.

But the thing is. If someone is smart enough to build a wall, there is always someone smart enough to break it down.

Good read and he is correct
However i would say that all companies online or sites need to look at their protection now. Banks are no longer the target softer social networks are. Also all companies should inform customers within the same time frame as sony it shocking that 45% of reported cases 1 month after.

This is more then sony annoying people much much more
Weakness of online world we created.

Thx for the Interview Post. Good info.

all game companies should be very careful next time, i think.

they should hit Microsoft and see how they like it lol