Former Hacker Comments on How PSN Attack May Have Gone Down

The PlayStation Network is back up for nearly gamers roughly the world, just Sony has yet to give an explanation as to why and how the attack brought down the service for all over a calendar month.

Onetime hacker and lead architect at Mykonos Software, Kyle John Adams, rundle with PCWorld about how the hack may have occurred. President John Adams suggests Sony may take left-wing its doors wide open for attack away using outdated software.

Was the PlayStation Blog a Gateway?

Hackers likely gained access using an SQL injection attack, according to Adams. In other words, hackers inserted malicious code into the database, and the server erroneously executed the code. This allowed the hackers to gain access to the waiter.

Adams suggests that the attackers Crataegus oxycantha have entered the server through Sony's blog. Sony's blog was victimisation an outdated version of WordPress, which has known SQL injection vulnerabilities.

"Information technology seems likely to Maine that Sony got attacked through its WWW services first, such as the blog, and it opened up the doors to the take a breather of Sony's servers," Sam Adams told PCWorld.

The attack on Sony's PSN was an "advanced persistent threat," which, as the name suggests, is a series of ongoing, planned attacks. To each one planned attack opens up to a greater extent and many doors, allowing the hackers to advance advance into the server.

Hackers On Sony's Servers For Months

"The depths they went indicates that this cut up wasn't arbitrary," Adams said.

He explains that these types of attacks can go on for weeks operating theatre yet months without being revealed, and that APTs typically take attempts to obtain valuable data.

"They comprehend value in the land site they're passing after," Adams aforesaid. "There's a slew of value in the data Sony had. There's always a buyer out there."

Adams did stress that he believes Anonymous had nothing to do with the attack, and notes that the aggroup has never hacked and taken personal information in the past.

Sam Adams seemed to yield, yet, that Sony's claim that Unknown may have made the cyber-terrorist's jobs easier with their DDoS attacks has any validity.

"It's possible for another group to go through an open backdoor," he said.

For more tech intelligence and commentary, follow Ed on Chirrup at @edoswald and on Facebook.