
Security Take Two - Real. Serious. Security.

Podcast by Ben Verschaeren and Chester Wisniewski

English

Science & Technology

More about Security Take Two - Real. Serious. Security.

Security Take(s) Two aims to provide insight, depth, and breadth on topics important to the Information Security community. The title hints at how our seasoned security hosts, Ben Verschaeren and Chester Wisniewski, look back at security headlines after the fact. The world is full of hot takes, and Security Take(s) Two aims to revisit these topics once the truth is known, discovering lessons that can be applied to avoid a similar fate.

All episodes

13 episodes


Sony Part 2 [012]

Our last episode covered Sony’s cybersecurity woes from 2005 until 2011; we pick up where we left off in the midst of the 50 days of LulzSec. This episode covers everything up until the alleged theft of the PS5 root signing keys in January 2026. So much s0wnage and so little time…

  • 2014 Sony Pictures hack - Wikipedia [https://en.wikipedia.org/wiki/2014_Sony_Pictures_hack]
  • Lizard Squad - Wikipedia [https://en.wikipedia.org/wiki/Lizard_Squad]
  • Kim Dotcom May Have Just Saved Holiday Gaming - Gizmodo [https://web.archive.org/web/20190327135053/https://www.gizmodo.com.au/2014/12/kim-dotcom-may-have-just-saved-holiday-gaming/]
  • Hackers Used Sophisticated SMB Worm Tool to Attack Sony - Security Week [https://www.securityweek.com/hackers-used-sophisticated-smb-worm-tool-attack-sony/]
  • Hacker group claims it breached Sony’s PlayStation Network and stole information - Business Insider [https://www.businessinsider.com/playstation-network-allegedly-hacked-ourmine-2017-8]
  • ‘All Of Sony Systems’ Allegedly Hacked By New Ransomware Group - Kotaku [https://kotaku.com/sony-playstation-hack-breach-ransomware-ransomed-vc-1850870993]
  • Ransomed.vc group claims hack on ‘all of Sony systems’ - CyberDaily.au [https://www.cyberdaily.au/commercial/9600-ransomed-vc-group-claims-hack-on-all-of-sony-systems]
  • Sony Confirms Data Breach - Gamerant [https://gamerant.com/sony-data-breach-confirmation/]
  • Sony confirms data breach impacting thousands in the U.S. - Bleeping Computer [https://www.bleepingcomputer.com/news/security/sony-confirms-data-breach-impacting-thousands-in-the-us/amp/]
  • CTRL-ALT-CHAOS - Elliott & Thompson [https://eandtbooks.com/books/ctrlaltchaos/]
  • PS5 ROM Keys Leak: What Happened, Why it Matters, and How it Impacts Security? - PC Quest [https://www.pcquest.com/gaming/ps5-rom-keys-leak-what-happened-why-it-matters-and-how-it-impacts-security-10965503]
  • PS5 Open to Hacks and Jailbreak as ROM Keys Leak – Report - PlayStation Lifestyle [https://www.playstationlifestyle.net/2026/01/01/ps5-open-to-hacks-jailbreak-rom-keys-leak/]
  • Sony Pictures Statement Related To Lulzsec Attack - Sony [https://www.sonypictures.com/corp/press_releases/2011/06_11/060311_security.html]
  • Member Of LulzSec Hacking Group Sentenced To Over Year In Federal Prison For 2011 Intrusion Into Sony Pictures Computer Systems - Department of Justice [https://www.justice.gov/usao-cdca/pr/member-lulzsec-hacking-group-sentenced-over-year-federal-prison-2011-intrusion-sony]
  • Sony Online President’s Flight Diverted After Hacker Bomb Threat - Kotaku [https://kotaku.com/sony-online-presidents-flight-diverted-after-hacker-bom-1626249376]
  • Update on Sony Investigation - FBI [https://www.fbi.gov/news/press-releases/update-on-sony-investigation]
  • TA14-353A: Targeted Destructive Malware - Seclists [https://seclists.org/cert/2014/172]
  • PlayStation Network Update - Sony [https://blog.playstation.com/2014/12/27/playstation-network-update-3/]
  • American and Dutch Teenagers Arrested on Criminal Charges for Allegedly Operating International Cyber-Attack-For-Hire Websites - Department of Justice [https://www.justice.gov/usao-ndil/pr/american-and-dutch-teenagers-arrested-criminal-charges-allegedly-operating]
  • PlayStation social media accounts briefly hacked - We Live Security [https://www.welivesecurity.com/2017/08/21/hackers-target-playstation/]
  • PlayStation Social Media Accounts Hacked - Security Week [https://www.securityweek.com/playstation-social-media-accounts-hacked/]
  • Breach letter - Sony victim [https://s3.documentcloud.org/documents/24005170/sample-individual-notice-10032023.pdf]
  • #StopRansomware: CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability - CISA [https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-158a]
  • Sony Confirms Data Stolen in Two Recent Hacker Attacks - Security Week [https://www.securityweek.com/sony-confirms-data-stolen-in-two-recent-hacker-attacks/]

Feb 25, 2026 - 44 min

Sony Part 1 [011]

When it comes to information security, Sony has had a bit of a tough go of it. In fact, there have been so many incidents, Ben and Chet decided to make this a multi-part series. This post covers 2005 to mid-2011, which we are referring to as part 1. From rootkits to DDoS, stolen credit cards and SQL injection, Sony has been through a lot. These are opportunities to reflect for the rest of us, though. We can recognize some of the weaknesses we ourselves may still have and hopefully take away lessons on hardening our own defences.

  • Firewall Times - Sony Data Breaches: Full Timeline Through 2023 [https://firewalltimes.com/sony-data-breach-timeline/]
  • LinkedIn - Sony PlayStation Network Hack (2011) - A Deep Dive [https://www.linkedin.com/pulse/sony-playstation-network-hack-2011-deep-dive-etciso-nf3kc/]
  • ON THE PLAYSTATION 3 - GeoHot’s first post about hacking the PS3 [https://web.archive.org/web/20100101084713/http://geohotps3.blogspot.com/2009/12/real-challenge.html]
  • Reuters - Sony PlayStation suffers massive data breach [https://www.reuters.com/article/technology/sony-playstation-suffers-massive-data-breach-idUSTRE73P6WB/]
  • EFF - Updated Sony BMG DRM Spotter’s Guide [https://www.eff.org/deeplinks/2005/12/updated-sony-bmg-drm-spotters-guide]
  • EDN - The Sony PlayStation 3 hack deciphered: what consumer-electronics designers can learn from the failure to protect a billion-dollar product ecosystem [https://www.edn.com/the-sony-playstation-3-hack-deciphered-what-consumer-electronics-designers-can-learn-from-the-failure-to-protect-a-billion-dollar-product-ecosystem/]
  • Wikipedia - Sony BMG copy protection rootkit scandal [https://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootkit_scandal]
  • CSO - New PS3 hack claims to be the most powerful yet [https://www.csoonline.com/article/527504/new-ps3-hack-claims-to-be-the-most-powerful-yet.html]
  • YouTube - The Light It Up Contest – geohot [https://www.youtube.com/watch?v=9iUvuaChDEg]
  • VG247 - SOE: 12,700 old CC numbers, 10,700 DD records breached [https://www.vg247.com/report-sony-loses-12700-credit-card-numbers]
  • The Register - Sony says data for 25 million more customers stolen [https://www.theregister.com/2011/05/03/sony_hack_exposes_more_customers/]
  • Wikipedia - George Hotz [https://en.wikipedia.org/wiki/George_Hotz]
  • Medium - Meet Cyber: How “Anonymous” Hacked Sony PlayStation And Breached the Data of 77 Million Gamers [https://meetcyber.net/how-anonymous-hacked-sony-playstation-and-breached-the-data-of-77-million-gamers-441ccaaefab9]

Jan 31, 2026 - 38 min

WannaCry [010]

May 12, 2017 was memorable for many in the information security industry, but it was also memorable in health care, manufacturing, shipping and more as the WannaCry worm laid waste to unpatched Windows machines the world over. May it be the last widespread worm we need to cover on this podcast…

  • Wikipedia - WannaCry [https://en.wikipedia.org/wiki/WannaCry_ransomware_attack]
  • Microsoft - MS17-010 [https://support.microsoft.com/en-us/topic/ms17-010-security-update-for-windows-smb-server-march-14-2017-435c22fb-5f9b-f0b3-3c4b-b605f4e6a655]
  • The Hacker News - TSMC Chip Maker Blames WannaCry Malware for Production Halt [https://thehackernews.com/2018/08/tsmc-wannacry-ransomware-attack.html]
  • Ars Technica - NSA Leaking Shadow Brokers Just Dumped Its Most Damaging Release Yet [https://arstechnica.com/information-technology/2017/04/nsa-leaking-shadow-brokers-just-dumped-its-most-damaging-release-yet/]
  • NCCIC - What is WannaCry/WanaCryptor [https://www.cisa.gov/sites/default/files/FactSheets/NCCIC%20ICS_FactSheet_WannaCry_Ransomware_S508C.pdf]
  • Ars Technica - An NSA Derived Ransomware Worm is Shutting Down Computers Worldwide [https://arstechnica.com/information-technology/2017/05/an-nsa-derived-ransomware-worm-is-shutting-down-computers-worldwide/]
  • NIH - NHS ransomware attack spreads worldwide [https://pmc.ncbi.nlm.nih.gov/articles/PMC5461132/]
  • Wired - Accidental Kill Switch Slowed Friday’s Massive Ransomware Attack [https://www.wired.com/2017/05/accidental-kill-switch-slowed-fridays-massive-ransomware-attack]
  • Zero Day - U.S. Government Disclosed 39 Zero-Day Vulnerabilities in 2023, Per First-Ever Report [https://www.zetter-zeroday.com/u-s-government-disclosed-39-zero-day-vulnerabilities-in-2023-per-first-ever-report/]
  • Ars Technica - Wanna Decryptor Kill Switch Analysis [https://arstechnica.com/information-technology/2017/05/wanna-decryptor-kill-switch-analysis]
  • Sophos - WannaCry Aftershock [https://www.sophos.com/en-us/medialibrary/PDFs/technical-papers/WannaCry-Aftershock.pdf]
  • Microsoft - Customer Guidance For WannaCrypt Attacks [https://www.sophos.com/en-us/medialibrary/PDFs/technical-papers/WannaCry-Aftershock.pdf]
  • The Hacker News - WannaCry Ransomware Bitcoin [https://thehackernews.com/2017/08/wannacry-ransomware-bitcoin.html]
  • Gov.UK - Foreign Office Minister condemns North Korean actor for WannaCry attacks [https://www.gov.uk/government/news/foreign-office-minister-condemns-north-korean-actor-for-wannacry-attacks]
  • White House - Press Briefing on the attribution of the WannaCry malware attack to North Korea [https://trumpwhitehouse.archives.gov/briefings-statements/press-briefing-on-the-attribution-of-the-wannacry-malware-attack-to-north-korea-121917/]

Aug 20, 2025 - 35 min

LulzSec [009]

For 50 days in mid-2011 the hacker world and even the wider pop-culture world were enthralled by a rampant series of brazen hacks conducted by a splinter group of Anonymous who called themselves LulzSec. They claimed it was “just for the lulz”, but as we explore in this episode, there was much more to this than simply the lulz.

  • Wikipedia - LulzSec [https://en.wikipedia.org/wiki/LulzSec]
  • Wired - Anonymous’ Most Notorious Hacker Is Back, and He’s Gone Legit [https://www.wired.com/2016/10/anonymous-notorious-hacker-back-hes-gone-legit/]
  • BBC - LulzSec hacker helps FBI stop over 300 cyber attacks [https://www.bbc.com/news/technology-27579765]
  • BBC - LulzSec hacker group handed jail sentences [https://www.bbc.com/news/technology-22552753]
  • Purdue University - Hacktivism: The Short Life of LulzSec [https://cyber.tap.purdue.edu/blog/articles/hacktivism-the-short-life-of-lulzsec/]
  • Parmy Olson’s book - “We are Anonymous” [https://www.hachettebookgroup.com/titles/parmy-olson/we-are-anonymous/9780316213523/]
  • Chester Wisniewski speaking on LulzSec for the BBC - 2011 [https://youtu.be/AupFf80ZWhw?si=DxmNA-M6l1znF7QL]

June 30, 2025 - 49 min

ILOVEYOU [008]

On May 4, 2000, many people in the world woke up to a love letter in their INBOX. It wasn’t your typical love letter; this one was one of the world’s most destructive email worms and it quickly spread to infect an estimated 10% of the world’s PCs. For a longer write-up on ILOVEYOU, see my LinkedIn Post [https://www.linkedin.com/pulse/after-25-years-our-inboxes-still-arent-safe-chester-wisniewski-7m4bc/?trackingId=ue3Pl4TxT3aopiUGsv1PvA%3D%3D].

  • Wikipedia - ILOVEYOU [https://en.wikipedia.org/wiki/ILOVEYOU]
  • CNN - ‘I love you’: How a badly-coded computer virus caused billions in damage and exposed vulnerabilities which remain 20 years on [https://www.cnn.com/2020/05/01/tech/iloveyou-virus-computer-security-intl-hnk/index.html]
  • WIRED - The 20-Year Hunt for the Man Behind the Love Bug Virus [https://web.archive.org/web/20200915013501/https://www.wired.com/story/the-20-year-hunt-for-the-man-behind-the-love-bug-virus/]
  • GAO - CRITICAL INFRASTRUCTURE PROTECTION “ILOVEYOU” Computer Virus Highlights Need for Improved Alert and Coordination Capabilities [https://www.gao.gov/assets/t-aimd-00-181.pdf]
  • ELECTRONIC COMMERCE ACT OF 2000 - CHAN ROBLES VIRTUAL LAW LIBRARY [https://chanrobles.com/republicactno8792.htm]
  • How ILOVEYOU worm became the first global computer virus pandemic [https://www.blackhatethicalhacking.com/articles/hacking-stories/how-iloveyou-worm-became-the-first-global-computer-virus-pandemic/]
  • BBC - Love Bug’s creator tracked down to repair shop in Manila [https://www.bbc.com/news/technology-52458765]

May 4, 2025 - 31 min