According to Bloomberg the hackers that took down PSN used Amazon.com's web services cloud-computing unit. It is alleged that the hackers rented a server from Amazon.com Inc under an alias and then attacked the PlayStation Network from the server they had rented. The account has since been shut down.
This is a breakthrough in the investigation for Sony and gives them more information as to how the hackers actually broke into their network. The intrusion to the network has endangered over 100 million Sony PlayStation users. Sony has dubbed this attack as "a very carefully planned, very professional, highly sophisticated criminal cyber attack".
What is startling however is the fact that the hackers did not illegally gain access to Amazon's servers. Instead they signed up as another other person would do.
Cloud server security is one of Amazon's top priorities, highlighted by the comments of CEO Jeff Bezos:
Data security is one of these great dynamic situations where the bad guys get better, and the good guys have to keep getting better too -- it’s not a static situation. I don’t think this is ever going away -- it’s like trying to say that you’re going to get crime to go away.
It is highly likely that the FBI, who are assisting Sony with the investigation, will subpoena Amazon or try and obtain a search warrant.
Former FBI cyber-crime investigator, E.J. Hilbert, stated that: "The subpoena will give law enforcement a history of the transactions" and "The search warrant will get them more detailed information, including payment information and which credit card was used."
In response to the attacks Sony have offered its users a free year of identity-theft protection and has told users to be aware of any suspicious credit card transactions. [via CVG]Contact Us for News Tips, Corrections and Feedback