Phantom Squad Hacking Group Claims Credit For Three-Hour Xbox Live Outage 49
An anonymous reader writes: The Phantom Squad hacking group appears to have anticipated its own Christmas schedule for attacks on the Xbox and PlayStation networks by taking credit for a three-hour outage on Xbox Live services in the last 24 hours. Apparently the group, which has disassociated itself from the Christmas 2014 attacks on the PS4 network, claims like them to be engaging in PenSec testing for gaming networks, and before itsTwitter account was suspended tweeted: 'If cyber security really has existed. Then what we do should not be possible.'
Ahhh yes (Score:1)
Re: (Score:3)
I think what they mean is that the internet as a whole just basically lacks cybersecurity. There really is more we can do to stop it, such as mandatory throttling and/or disconnecting of users that are known to be running compromised systems. Do it on a global scale with i.e. a treaty organization whose sole purpose is to protect the internet infrastructure itself (i.e. no intellectual property trolling, anti-terrorism, anti-fraud, etc, just nothing but an organization that sets rules and standards for maki
Re: Ahhh yes (Score:1)
Re: (Score:2)
However I imagine it will just drive botnet creators to be smarter with their operation. Showing lack of security by exploiting a fundamental weakness that doesn't do anything more than irritate customers is rather pointless. If you want to show customers how little organisations care for their 1s and 0s then the talk talk breach is a nice example (shame about the extortion).
I'm totally fine with that though, because there are countermeasures that you as either an individual or an organization can utilize; you just have to get smarter with your own cybersecurity. However the current status quo is the internet equivalent of terrorism before the Bush Doctrine. That is, people openly DDoS you, you know what systems they are doing it from, and hence you know exactly what systems to block, but there's nothing you can do to forcibly disarm those systems as their owners effectively gr
Re: (Score:2)
One really big, huge thing we could do right now -- today -- if everyone got on board, is ingress filtering at the ISP level (see: BCP 38).
Basically puts an end to DDoS attacks that rely on spoofing source addresses, as is common in thinks like DNS amplification attacks.
Re: (Score:2)
I have no idea why all routers dont routinely refuse to pass packets when they can determine they have faked originating addresses.
Re: (Score:2)
It's a combination of lazy admins and performance load issues on the routers. Having that check would increase the ping time causing more lag in the net. And that may upset some gamers.
Re: (Score:1)
Someone will just write a tutorial on how to disable it in their router and, sure enough, it'll keep going. It's gotta be done at the ISP level, I think?
Anyhow, I heard windows are vulnerable to bricks. It sure would be insightful and making a statement to penetration test those windows.
Re: (Score:2)
I saw some metric that said all DDOS's and spam emailing going on at any one time accounts for over 60% of the entire traffic on the internet.
Admittedly I'm guessing but I would bet money on getting rid of most of that will have a far more significant positive effect on your gaming ping than a small negative one from your router needing to confirm the originating address of packets.
Re: (Score:2)
As far as I'm aware, this is already done in most ISPs in the US. It's called Reverse Path Forwarding:
https://en.wikipedia.org/wiki/... [wikipedia.org]
It's also useful in that it helps prevent multicast routing loops, so even if you're not trying to prevent spoofing, it's still good to use if you're an ISP, hence most of them do it. Basically every campus and/or service provider grade router supports it, even in hardware/asic so that you don't use high CPU in high traffic conditions. It's pretty much just the most nobody/b
Re: (Score:2)
You are expecting ISP's to actually spend money on security and infrastructure?
What bizzaro world do you live in?
And nobody noticed (Score:2, Funny)
Because they were watching star wars.
Re:And nobody noticed (Score:4, Insightful)
And nobody really cares if services like Xbox Live goes down. It's only affecting a few users.
But if it was an impact on Wall Street then it would be headlines all over.
DDoS can be thwarted and companies this big can (Score:1)
It's really on the end-user to protect themselves online. Acting as if it is the governments job is absurd.
meanwhile... (Score:1)
Meanwhile, all the games I bought on GOG were still working fine.
It's boring. (Score:5, Insightful)
It is adolescent. There is so much to discover in the world from molecular biology to astrophysics and all these folks can muster as their contribution to humanity is to hold their dicks in their hands and giggle as they frustrate people for a few hours who are trying to play computer games. Pathetic.
Re: (Score:2)
Re:It's boring. (Score:5, Insightful)
It is adolescent. There is so much to discover in the world from molecular biology to astrophysics and all these folks can muster as their contribution to humanity is to hold their dicks in their hands and giggle as they frustrate people for a few hours who are trying to play computer games. Pathetic.
Bingo, and well said.
These little wankers haven't done anything except show that it's easier to break stuff than to make stuff.
It's like throwing a rock through a window and then bragging about it, as if it had taken the slightest bit of skill or intelligence or insight, or anything.
Honestly, if someone hunted these pukebags down and beat the living shit out of them, I'd have a hard time feeling but joy about it. I know it would be wrong, but I'd be hard pressed to condemn it.
Re: (Score:2)
You guys basically just described Slashdot.
No, there are a lot of decent people here, but every community attracts its share of assholes and losers.
It doesn't matter what the topic is or what the site is about, sooner or later the jerkoffs arrive and begin pissing in the corners, posting crap (APK, anyone?) and generally just shitting things up for no other reason than that's who they are.
Re: (Score:1)
Think of it as a public service announcement warning against buying expensive things that require the internet to function properly.
Security? watev dude (Score:4)
I laugh at the way they act like theyr'e some kind of 'l33t hax0rs' and they talk all about security of Microsoft/Sonys networks, but all they're doing is some lame skript kiddy DDOS that doesnt actually penetrate any security at all.
Re: (Score:2)
'If cyber security really has existed. Then what we do should not be possible.'
It's the lack of basic security principles that makes this stuff possible.
Re: (Score:2)
Re: (Score:2)
Well, it at least solves the problem of repeated offenses.
Re: (Score:2)
Well the internet bascially started out on the priciples of an academic community, which presumed some level of basic intelligence and cooperation between its users. They probably couldn't even conceive of users that would actively try to act like they had microscopic penisses.
Re: (Score:3)
Actually ....the internet grew from ARPANET who's goal was to exploit new computer technologies to meet the needs of military command and control against nuclear threats, achieve survivable control of US nuclear forces, and improve military tactical and management decision making.
Re: (Score:2)
you could equally argue that its just the lack of traffic shaping that makes DDOS attacks possible.
Tit for tat (Score:2)
Find these fuckers homes and use a sledge hammer to break down the doors and take their stuff. "If you had proper home security, this wouldn't be possible."
In related news (Score:2)
The Wanker-Squad Arsonist Group said they're not arsonists, they're just fire-testing some buildings. If the buildings were properly fire-proof, what they did wouldn't be possible.
And nobody noticed.... (Score:2)
Because Xbox Live servers have been flakey for the past year.
Why dont they also claim responsibility for Comcast uptime sucking?