Here’s Why Xbox and PlayStation Were Offline on Christmas

YOSHIKAZU TSUNO/AFP/Getty Images

YOSHIKAZU TSUNO/AFP/Getty Images

On Christmas day, hundreds of thousands of gamers woke up to find a brand new Xbox One or PlayStation 4 sitting under the tree. You can imagine their excitement as they plugged the systems into their entertainment centers, eager to hop online to blast some newbies in Call of Duty: Advanced Warfare or binge watch House of Cards on Netflix. What they encountered, however, were error messages saying they couldn’t log into the online services. Merry Christmas indeed.

Sony’s PlayStation Network and Microsoft’s Xbox Live — the paths to any kind of online connection for the consoles — were both down as a result of apparent distributed denial of service (DDoS) attacks by hackers. DDoS attacks are designed to overwhelm servers with large amounts of artificial traffic, making it difficult or impossible for regular customers to log on.

Sony confirmed in a blog post that its outage was caused by “high levels of traffic designed to disrupt connectivity and online gameplay.” Microsoft hasn’t detailed the cause of the attack, but it’s safe to assume a DDoS attack is the culprit.

Console owners could still play disc-based games offline during the outages, but many games, like Destiny and Halo: The Master Chief Collection, either require online access to play at all, or have large online components that were inaccessible during the downtime. Even separate online services like Netflix became unusable on the consoles.

The Twitter accounts of both Xbox Support and PlayStation acknowledged the issues. A Microsoft spokesperson announced the following morning that Xbox Live was back online. The PlayStation Network remained down for two days, and some users experienced on-and-off issues for several more days.

On Twitter, a hacker group called Lizard Squad took credit for both outages and said they’d relent if they racked up 5,000 retweets. This isn’t the first time the Lizard Squad has taken credit for such disruptions.

Source: Microsoft

Source: Microsoft

In a bizarre twist, the Lizard Squad apparently ceased the attack after MegaUpload founder Kim Dotcom sent them 3,000 vouchers for his new uploading service, MegaPrivacy. The vouchers are each worth $99, making the total “ransom” worth about $300,000. Dotcom posted an image of the Twitter exchange that drew the attacks to a close. In it, he stipulates that if Lizard Squad takes down either service in the future, the vouchers will become invalid.

In an interview with The Washington Post, an anonymous Lizard Squad member states the goal of the DDoS attack. “Well, one of our biggest goals is to have fun, of course. But we’re also exposing massive security issues with these companies people are trusting their personal information with. The customers of these companies should be rather worried.”

The member says he considers bringing down services like this to be something of a game. “Well, it’s often sort of like a game of chess. Your opponent does something to prevent your attack, and you alter your attack to get around your opponents’ defenses.”

Security blogger Brian Krebs has posted an article revealing two members of the Lizard Squad, both of whom were interviewed on BBC Radio the day after Christmas. The members, identified by the aliases Member 1 and Member 2, show little remorse for the damage they have inflicted.

After revealing their identities, Krebs cautions, “Both of these individuals may in fact be guilty of nothing more than taking credit for other peoples’ crimes. But I hope it’s clear to the media that the Lizard Squad is not some sophisticated hacker group.”

In response to the outages, Rockstar Games, the company behind Grand Theft Auto V, has extended the availability window for several “Christmas gifts” it was offering players of GTA Online. Bungie, the maker of Destiny, has announced it will keep a rare item merchant around longer than originally planned to accommodate the services’ downtime.

Although Lizard Squad has implied it will no longer attack either service again, don’t expect 100% up-time in the future. Attacks like these are just part of the cost of doing business in this always-connected world of ours. It’s great when when everything is working as planned, but it can be a real pain when it’s not — something hacker groups like to reminds us about from time to time.

Follow Chris on Twitter @_chrislreed

Check out Tech Cheat Sheet on Facebook!

More from Tech Cheat Sheet: