The attack on the Canadian Sony Ericsson eShop is the latest in a series of security hacks targeting Japanese electronics maker Sony Corp., which, since April, has suffered attacks on its PlayStation Network, Sony BMG Japan, Sony BMG Greece, its So-net Internet service, and a Sony server located in Thailand.
The blogosphere responded promptly with criticisms of Sony’s security measures. On the eScan Blog, the writer says the attacks on Sony make for a brilliant case study on how to guard against SQL injection attacks.
“… the list of mistakes which admins and IT management team of Sony committed can be a thesis in itself. What were their intentions when they were designing / deploying such architecture is a matter to be analyzed,” the blog reads.
The blogger goes on to predict that Sony’s grief is far from over: “Sony has a huge market share in terms of consumers and one phishing attack can yield a treasure trove, after all, more than 100 million accounts were compromised.”
On the Naked Security blog, Chester Wisniewski writes that the lesson for organizations is that prevention is cheaper and smarter than waiting to get hacked. “It would cost far less to perform thorough penetration tests than to suffer the loss of trust, fines, disclosure costs and loss of reputation these incidents have resulted in,” writes Wisniewski.
But the upside, Wisniewski continues, is that the outcome of all this fracas for Sony will likely be very enviable Web security: “While it's cruel to kick someone while they're down, when this is over, Sony may end up being one of the most secure Web assets on the net.”
On The Right Ways To News, a blogger suggests that later attacks on Sony may be driven by a different motivation than at the outset: “At this point it’s tempting to say the attacks have moved into a new territory, with hackers simply kicking Sony when it’s down, acting in some kind of mob rule—rather than the ‘protest’ attacks that began with Anonymous.”
In a similar vein, blogger Jim Sterling writes on Destructoid that the degree to which Sony has been the target of security hacks is “disturbing” and that its public relations effort in this regard couldn’t get any worse.