MSP Cloud Feature Article
May 16, 2011

Amazon Web Services Fingered for Sony Personal Info Theft

Evidently Amazon.com Inc.’s Web Services cloud-computing unit was used by the hackers who attacked Sony Corp.’s online entertainment systems last month to pull off the second-biggest online personal information heist yet recorded.

According to various news reports citing people with knowledge of the situation, it was not an instance of the Amazon servers being broken into. The hackers rented a server through Amazon’s EC2 service, posing as a legitimate company but giving false information, to launch the attack. The account has been shut down.

According to Bloomberg, Amazon’s cloud-computing service “is as cheap and convenient for hackers as it is for customers ranging from Netflix to Eli Lilly.”

The attack compromised personal account information for over 100 million Sony customers. In a statement released after the attack, Sony officials called it “a very carefully planned, professional, sophisticated” attack. Patrick Seybold, a U.S. spokesman for Tokyo-based Sony, said the company is “continuing to work with law enforcement in an ongoing investigation into the situation.”

Bloomberg quoted Pete Malcolm, chief executive officer of Abiquo, which helps customers manage data internally and through cloud computing, as saying “anyone can go get an Amazon account and use it anonymously. If they have computers in their back bedroom they are much easier to trace than if they are on Amazon’s Web Services.”

The Register noted that earlier this year, German security researcher Thomas Roth showed how tapping the EC2 service allowed him to crack Wi-Fi passwords in a fraction of the time and for a fraction of the cost of using his own computing gear. For about $1.68, he used special Cluster GPU Instances of the Amazon cloud to carry out brute-force cracks that allowed him to access a WPA-PSK protected network in about 20 minutes.

In late 2009, The Register said, a ZeuS-based banking trojan “used the popular Amazon service as a command and control channel that issued software updates and malicious instructions to PCs that were infected by the malware. In both cases, those tapping the Amazon cloud did so as paid customers.”

David Sims is a contributing editor for TMCnet.

Edited by Jennifer Russell
