Sony hack highlights importance of breach analysis

Jaikumar Vijayan, Computerworld | April 28, 2011
Sony's apparent difficulty in figuring out the extent of the damage from the recent intrusion into its PlayStation Network, while frustrating for those affected by it, is not too surprising, given the bag of tricks that hackers employ to hide their tracks.

In many cases, attackers take control of multiple systems and multiple accounts once they get into a network. They can drop multiple malware packets, each carrying a different payload. They also often disguise themselves as legitimate users on the network, and delete log files or plant fake logs to throw administrators off their trail.

"If you suddenly take a subset of host systems offline, they are just going to switch their MO midstream," Carey said. "They will change their attack vector. They will drop multiple different toolkits. They'll even throw stuff out there that they'll want you to find so you think you have found them.

"It's no surprise at all that some of these big companies are taking weeks to find out what's going on," he added.

 
