Security expert warns of inherited apathy towards user data

April 28th, 2011, 23:34 Posted By: wraggster

In the aftermath of Sony's PlayStation Network breach, security expert LogRhythm has warned that organisations do not place enough importance on user data, and a culture of "inherited apathy" can exist towards valuable personal information.
This week Sony admitted that over 75 million PlayStation Network accounts have been compromised, with the platform holder unable to determine whether credit card details have been stolen.
And today it admitted that personal information including user's email address, passwords and online IDs were not encrypted.
Bearing in mind that 80 percent of attacks are from insiders, who is the most likely person to have been able to conduct or assist with this attack?

Martin Landless, LogRhythm

"Personal details such as names and addresses have long been seen as unimportant assets and as an organisation's services grow, the inherited apathy - or insufficient risk assessment - can prevail," Martin Landless, technical director of international markets at LogRhythm toldGamesIndustry.biz.
"When this information is combined with dates of birth and credit card numbers, the value and potential to lead to further attacks increases exponentially. Even if the passwords were encrypted, the method used may not have been strong enough to ensure they remained secure."
While the current focus is on the violation of the PlayStation Network, Landless questioned whether the perpetrators were able to access other classified Sony information.
"What other systems did they access during that period? Is there a possibility that intellectual property has been compromised such as new specifications for PlayStation 4?"
He also pointed out that the majority of hacks are committed by internal staff, not outside forces.
"Bearing in mind the 80/20 rule that 80 percent of attacks are from insiders, who is the most likely person to have been able to conduct or assist with this attack?
"One would imagine there would be multiple external perimeters to compromise, and monitoring should have been conducted on these layers. There may not have been so many detection mechanisms within the network for a trusted administrator."
Sony has been criticised for not informing users sooner that their details had been compromised. Landless said that the company may not have been aware of the scale of the attacks and should now monitor security in real-time to improve reaction times.
"There is a very good chance it was unaware of the scale of the problem. Many organisations have a poor understanding of what is happening across their IT infrastructure, making it difficult to identify security incidents when they occur and the root causes responsible.
"There is often too much focus on the traditional security products that attempt to build a fence around the IT estate," he added. "Repeated high profile incidents of data loss have proven that these solutions are not infallible and are not enough to ensure network security.
"Sony needs to accept the inevitability of data breaches and take new courses of action to prevent similar incidents. It is now essential that systems are in place that can recognise breaches in real-time so that appropriate action can be taken immediately. Sony needs to automate and centralise the collection and analysis of 100 percent of its data logs, so that any aberration can be detected and investigated as it occurs."

http://www.gamesindustry.biz/article...ards-user-data

For more information and downloads, click here!

There are 0 comments - Join In and Discuss Here

Forum Info

Users online:

Guests online: 14481. Total online: 14481.

You have to register or login before you can post on our forums or use our advanced features.

Total threads: 206,266
Total posts: 750,057

Go to the forum

Advert

Buy Sony

PS4

PS3

PS2

PSone

PSVita

PSP

Sony Consoles News

Release: OpenOrbis Toolchain (PS4 Homebrew SDK) 0.5.2
PS4 Release: Hamachi client 0.2.1 by Sleirsgoevy, adds Firmware 9.00 support
PS4 Release: MultiTrainer 1.1.5.5
PS4 Release: PS4 DLC Unlocker Maker
PlayStation 5 sold 4.5m units in less than two months
Spider-Man: Miles Morales has sold 4.1m copies
PS5 to launch in China in Q2 2021
PS5's DualSense controller also faces drift issues
First PS5 drift class action lawsuit filed against Sony
DuckStation dev.0.1-2956
GAME details efforts to prevent PS5 scalpers
TheFlow announces WIP 'Grand Theft Auto: San Andreas' port for the PS Vita
PS4 firmware 7.55 exploit revealed by TheFlow
Harry Potter RPG 'Hogwarts Legacy' delayed to 2022
What we learned from PlayStation Vita
hpsx64 v0340
[1-11-2021] A Playable PSP Remake of the Original ‘Tomb Raider’ Has Been Discovered
Polish competition watchdog investigating Cyberpunk 2077
[RELEASE] Sonic CD for PS Vita
Sony reportedly discontinues all PS4 Pro and most PS4 Slim models production in Japan
Play! rev.800926fa
Excellent Improvement for Digimon World 2
PlayStation Plus games for January 2021 revealed
DuckStation dev.0.1-2663
PS5 Upgrade Feature Will Let You Know If You're Playing PS4 Games
PlayStation 4: Linux Loader now ported to FW 7.02 thanks to @mircoho
CD Projekt facing class-action suit over Cyberpunk 2077
DuckStation (2020/12/22)
VICEVita updated to version 1.2
PlayStation 4: PS4HEN released for Firmware 7.02
PS4 7.02 full stack exploit (user + kernel) released
PS4 7.02 exploit: Sleirsgoevy working on a port of the Synacktiv webkit exploit
PSVita: DaedalusX64 0.6 released
PCSX2 v1.7.0-dev-767
Super Robot Wars: Original Generations (PS2) translation released
Sony pulls Cyberpunk 2077 from PlayStation Store
Requests for refunds on Cyberpunk 2077 met with inconsistent response
PPSSPP dev.1.10.3-1330
PS4: Webkit exploit released for 6.xx, could potentially work on 7.xx
Play! rev.ff172d6b - PS2 Emulator for Windows
Xebra(Arbex) (2020/12/09)
PlayStation 3: Sony releases Firmware 4.87 for their 14 year old console – HFW 4.87.1
Xebra(Arbex) v200929b (2020/12/03)
PlayStation 5: Users getting banned for unlocking PS5-exclusive PlayStation Plus Coll
PS5: A second firmware update on its launch month, doesn’t seem to fix users’ issues
PSVita: re3-vita 1.1 released
PlayStation Plus games for December 2020 revealed
Sony declares PS5 is biggest launch in PlayStation history
Scalpers and bots reportedly driving PS5 shortages
The first PlayStation 5 game has been dumped
Jpcsp XLink Kai Support 1.0
PCSX-Redux v1578.20201119.6
PS4: OpenOrbis Toolchain updated to 0.5.1
The Search for the PS5 on Launch Day in the UK i Was Successful
PlayStation 5 sold almost six times as many units as Xbox Series X|S in Japan
PSX mecha action game Remote Control Dandy translated
PSVita Release: ds34vita released
PS5 Reports Warn of Putting PlayStation Console in Rest Mode
PCSX-Redux v1531.20201113.6
GePatch 0.2.0 released with ability to skip GE patches & more
PlayStation 4: Firmware 8.00 released with new avatars, revamped Party & Messages
HEX-Flow Launcher: A coverflow-like launcher for the Vita out for the public
Zanki Zero English Translation Patch for the PSVita released
PSVita: Grand Theft Auto III port by Rinnegatamante & TheFlow released
PSVita Release: Double Tap 2 Sleep Plugin Released by Joel16
Rinnegatamante working on porting Grand Theft Auto: Vice City to the PSVita
Phantasy Star Portable 2 Infinity Fan Translations [PSP] [Released]
Hermes V1.10 (PS2 Game)
PCSX-Redux v1523.20201113.2
PCSX-Redux v1503.20201030.3
hpsx64 v0330
PlayStation Plus games for November announced, includes Bugsnax for PS5
Phantasy Star Portable 2 Infinity - English Localization Public Release
First 12 hours of PS5 preorders match first 12 weeks of PS4's
PS4 shipments near 114m as new generation looms
Sony expects PS5 to exceed PS4's 7.6m launch sales this fiscal year
Sony to give away adapters to allow VR use on PlayStation 5
Jim Ryan: "We're more than a few minutes from the future of VR"
Sony details PS5 accessibility features
Sony legal threat compels PS5 faceplate company to cancel all orders
UK retail warns against launch day purchases of next-gen consoles
Does PlayStation need to buy more games studios?
No day one stock for retail as Sony focuses PS5 launch sales online
If Xbox is Netflix, then PS5 is cinema | Console analysis
PlayStation 5 | Critical Consensus
Sony debuts PS5 games ad as part of “memorable” launch efforts
Hermes v1.10 (PS2 Game)
Marvel's Avengers game to get an open beta this weekend
PlayStation: Launching a console during a pandemic “is a massive challenge
Rogue Hearts Dungeon Translation Released
English Translation Of Vampire Panic Released!
PlayStation Japan warns of Ghost of Tsushima stock shortage
Ghost of Tsushima sells 2.4 million in three days
Suikoden successor's Kickstarter raises $1.5 million on day one
Sony DualShock 4 controllers will not work with PS5 games
PlayStation software and services drive strong Q1 for Sony
Could Sony stumble on cross-generation games?
PES 2021 "pared back" as Konami focuses on Xbox Series X, PS5 version
Sony Boosting Output of PlayStation 5 to Meet Surge in Demand
Rogue Hearts Dungeon Translation Released
PlayStation suspends Facebook advertising
New PlayStation 2 exploit 'FreeDVDBoot' allows burnt DVD games to run without modchip
PPSSPP v1.10 PSP Emulator for Android and Windows
Sony announces PlayStation 5 Digital Edition
PS5 will far outsell Xbox Series X, predicts analyst
Grand Theft Auto Online coming to PS5 for free in 2021
Bethesda's Deathloop and Ghostwire: Tokyo will be timed PS5 exclusives
PS5 Digital Edition exists because "many consumers purchase solely digitally"
PlayStation 5's reveal was all about continuity
Grand Theft Auto Online is a killer app for PlayStation 5
EA: "PS5 and Xbox Series X games will feel different, better and more visceral"
The Last of Us Part 2 sells 4 million
Sony requires PS5 compatibility for all future PS4 releases
Sony postpones PlayStation 5 game reveal event
Sony shuts PlayStation Store back door in China
PlayStation fined $2.4m for misleading Australian customers over refunds
PlayStation 5 games to be revealed on June 4th
Sony's Jim Ryan: “It's time to give fans something that can only be enjoyed on PS5
Sony's games business declines as new generation looms
Sony's PS5 reveal will be all about the software
PlayStation Now reaches 2.2m subscribers
PlayStation Plus reaches 41.5m subscribers
The Last of Us Part 2 reportedly banned in the Middle East
Mira Project HEN, OpenOrbis PlayStation 4 toolchain homebrew both released
PlayStation Studios brand will launch alongside PS5
PCSX2 v1.6.0 released!
Sony temporarily closes PlayStation Store in China
hpsx64 v0301
vitaQuake v4.11 - Full HD 1920x1080 rendering for PSTV
vitaQuakeII - Quake II port for PSVITA
PlayStation Classic: AutoBleem 0.9 & RetroBoot 1.1 released
Hermes v1.10 (PSP Game)
Final Fantasy VII Remake ships 3.5m in three days
PlayStation 4 software update 7.50 released
Sony reportedly limiting PS5 launch window to 6m units
Rinnegatamante demonstrates quick progress in emulating the Nintendo 64 on Vita
Catherine: Full Body’s English translation for the Vita
Sony introduces PS5 DualSense controller
Sony takes $400 million stake in Bilibili
Xebra(Arbex) (2020/04/05)
PS4Delta Git (2020/04/06)
Vita3K Git (2020/04/06)
VitaPresence
PS3HEN 3.0.1 is out with FW 4.86 support!
Rebug 4.86.1 LITE released for CFW-capable PlayStation 3 consoles
Sharpscale – native 960×544 HDMI output for PSTV
PlayStation Plus games for April 2020 include Uncharted 4 and Dirt Rally 2.0
Sony sets up $100m COVID-19 Relief Fund
BetterTrackPlug 1.0.3
Project Eris for the PlayStation Classic version 0.9
VICEVita released for hacked PlayStation Vita consoles
vitaVoyager 0.7 Released
vitaHexen II 2.3 Released for PSVita
100 song mod for Taiko no Tatsujin V Version released!
PSOneScrot plugin released!
vitaQuake - Quake port for PSVITA
HFW 4.86.1 Released for PS3
Xerpi ports Play! to the PSVita
Sony declines to sell Call of Duty in Russia (again)
Avocado Git (2020/03/30)
DobieStation Git (2020/03/31)
rpcs3 Git (2020/03/31)
PlayStation 3 gets new firmware update for version 4.86
PlayStation 3: bguerville releases PlayStation 3 Toolset – A PS3 Exploitation
Final Fantasy VII Remake shipping early amid COVID-19 disruption
Sony doesn't see pandemic affecting PS5 launch
European studio boss Michael Denny leaves Sony after 25 years
Sony reduces PSN download speeds for the US
GameStop says no indication of PS5, Xbox Series X delays
Nintendo presses Sony to remove Mario creations from Dreams
Sony throttles back game downloads in Europe
CLR-DEV9 v0.8.7
hpsx64 v0290
Sony lays out more PS5 details
TheFlow is teasing a possible exploit for the PlayStation 4, for those on on OFW 6.20
Learning the lessons of the PlayStation 2
PSVita Release: Dasutein releases PC voices mod for The Legend of Heroes: Trails of C
Shadow of the Colossus and Sonic Forces are March's PS Plus games
3DS Release: 3DSync, a utility letting you upload Checkpoint saves to Dropbox
BGFTP Released
PlayStation and Facebook cancel GDC appearances citing coronavirus concerns
Sony announces closure of its official Playstation community forums
Expensive components drive PS5 production costs to $450 per unit
Sony files patent which encourages stuck players to spend money on DLC
PlayStation 4: PS4HEN 2.1.2 released with FW 7.02 spoofing support
GPCS4 v0.10
DobieStation Git (2020/02/09)
DuckStation Git (2020/02/09)
GPCS4 (PS4 emulator) News
PlayStation to close Manchester VR studio
Official PlayStation 5 website goes up, states that "they're not ready to fully unvei
Sony gaming revenue and profit on the decline as new console generation looms
PlayStation survey asks if players would enjoy having PS4 Remote Play on the Nintendo
vitaExhumed Released
DobieStation Git (2020/01/28)
English Translation of PSX Action-RPG Brave Prove Released
YouTube TV comes to PS4 as PS Vue moves out
PSVita Releases: VitaShell 2.02 & TailTale REsurrected
PSVita Releases: RealYoti updates VitaShell, Download Enabler, NoLockScreen and NoTro
PS4 News: Fire30 releases WebKit exploit for PS4 FW 6.00-6.72

The DCEmu Homebrew and Gaming Network

Welcome to the DCEmu Homebrew and Gaming Network. This Network of sites is owned and ran by fans of all games consoles, we post news on all the consoles we cover about hardware aspects, gaming and Homebrew. Homebrew and Emulation are software thats made using free and legal tools to play on games consoles. This Network is the only worldwide network of sites where coders can upload and post comments they deserve for all their hardwork. We have a Network that currently supports PSVita, WiiU, Nintendo Wii, Xbox360, PS3, PS2,PS1, Snes, N64, Gameboy, Nes, Xbox, Gamecube, Nintendo DS, PSP, GBA, Dreamcast, Sega Saturn,3DS, DSi, Switch, PS4, Pandora, xboxone, GP2X, iPhone, Windows Phone, iPad, Android and also Mobile Phone Emulation. When new consoles appear we will expand to cover those consoles. We also cover Theme Park News and news and reviews of Beer, cider, lager, wines and spirits. news of their own releases and get the credit and Please help DCEmu become stronger by posting on the forums every day and make our community larger.

Main

Search DCEmu

Social Media

The DCEmu Homebrew & Gaming Network

News Archive

DCEmu Newcomers