Sony encounters hacker attacks that refract the dark side of the Internet

Once upon a time, batteries were the bane of Christmas parents and children's moods. The children ran down early in the morning to open their long-awaited gifts, and the weary parents were awakened by the eager pleas of their children: "Is there a battery at home?" "If the answer is no, it may be the child's tears, sulking and insecurity," he said. It's not until the end of the holiday that the store opens.

Of course, most toys now have built-in rechargeable batteries, or at least a battery in the packaging. But there are still some things that spoil the good mood of Christmas. This year, Microsoft's Xbox Live and Sony PSN Online services have been hit hard by hackers, leaving them with a very bad impression. The current network function is becoming more and more popular and important. Because of the network Service strike, which makes it impossible for players to play online games or even stand-alone games between the two new hosts, this is an unforgivable thing for the players.

This makes the dark side of connecting hosts and cloud computing surface. Prior to this, no matter what happened to the host manufacturer or the gaming company, whether it was a hacker attack, bankruptcy or other unfortunate event, there would be no real impact on the consumer. Now, hardware and software are increasingly moving closer to online services. Many games have been built into some or even complete online services by publishers, and if there is no network, the game may have some or all of its functions affected. In addition, Web services can easily become the target of hackers, at this time you can not help thinking: "Why do I spend so much money to buy games and hardware will be on strike?" ”

Many players have criticized Sony and Microsoft for not providing secure PSN and XBL, especially Sony. For Sony, PSN is not the first time paralyzed by hacking. PSN was hacked in 2011 and lost 77 million user data. and interrupted service for nearly one months. Sony also recently leaked the company's internal documents and e-mails because of the film "Assassination of Kim Jong Un". Sony's reputation for information security is already in its name. So the PSN is paralyzed at Christmas, and the players tend to turn most of their rage to Sony.

However, I think it is unfair to blame all of the blame on the network operations teams of Sony and Microsoft, accusing them of ruining your Christmas holiday. In the eyes of the media, XBL and PSN strike because the hackers "black". But the truth is a little more complicated, Sony PSN the 2011 strike was really hacked, and hackers exploited the insecure systems of Sony's internet-linked computers to access private resources and steal customer data.

The reason for this Christmas PSN strike is completely different. All indications are that PSN is not "hacked", either because of insecure networks or for access to private resources. Hackers have used a more powerful way to disrupt the company's online services: "Denial of service" attacks, flood-type service requests using massive amounts of Internet traffic, making it impossible for legitimate users to access the network.

This approach is very complex and very worrying, so that those who do not have the technical skills, but also the malicious people can achieve their goals. "Denial of service" attacks generally: first of all, the world's computer infected Trojans become "broiler", these computers are more common desktop and notebook, may belong to the company, may also belong to individuals. The computers were then ordered to start flood-service requests to the target, and the computers continued to function properly so that their users did not know that their computers had been hijacked for cyber attacks.

All in all, these computers are called "zombie Computers", and the sum of these computers is called "botnets," and people with a little bit of technical knowledge can rent a botnet at a relatively inexpensive price, and then vent their grievances and resentment against certain Internet services.

Worst of all, even servers that have been patched with the latest security patches are vulnerable in the face of botnet attacks. Although distributed cloud services can be immune to botnets to some extent, ultimately services like PSN or XBL need to rely on a central node for data storage and exchange. Some cunning botnet can launch a flood-type attack on a node on the Internet. These flows come from countless ordinary, fully legitimate PCs. No network system can handle such a huge amount of data traffic at the moment. Ironically, some disgruntled gamers have been PSN and XBL on social networks when their computers became chickens and were quietly being used by botnets to launch cyber attacks on PSN and XBL.

For Microsoft and Sony, only the hackers can stop the attack, and then check their services and online as soon as possible.

Instead of questioning the political motives behind the attack, the hacker may be just "curious", probably just "interesting", or perhaps to keep people away from the game during the Christmas holidays. The worst thing is that the tools and resources needed to do this kind of cyber attack right now are simple enough to be easy for even a fool to abuse.

Now there is a view that the paralysis of XBL and PSN is attributed to Microsoft and Sony rather than their network operations team. Companies as a whole, they are doubtless not expecting enough. But network outages are sometimes normal, either because of a service failure, or because of your own Internet connection problem, or forced offline because of a hacker attack. Unfortunately, when hackers find such attacks to be a worldwide concern, they are likely to continue to attack PSN and XBL in the future.

It should be a wake-up deal for the industry: games consoles and games, unless absolutely necessary (most MMO operators will be paralyzed when they are attacked by a network), or they should have complete functionality when they are not connected. In addition to the new online functional components should be carefully evaluated in advance, the network interruption of the situation to have a systematic understanding, should be as far as possible to ensure the integrity of the game function, provide a perfect experience.

Of course, this may mean making sacrifices for manufacturers, such as DRM digital rights protection systems that require instant online access. But the company's top priority should be to make sure that your paid users are not bothered by situations that they cannot control, or that vendors will have no way to go if they need server support but are not connected.

Now for us, the future of "permanent online" seems to be closer than ever, but it's just an illusion: in fact, the more often we're online, the more likely it is to be the target of malicious hackers and cyber attackers. And some attacks have long been proved unstoppable. Platform owners, publishers, hardware manufacturers, operating systems, and gaming software should recognize that the online systems available to users are flawed, rather than naïve hopes of relying on a utopian, sustainable network that will avoid more Christmas tragedies.