The total amount of firepower used to flood Sony websites this week? It's only "medium strength," says a source at Sony's hosting provider who is not authorized by his employer to speak on the record.
The hacker collective Anonymous has been hammering Sony all week—both online and off—over the company's lawsuit against PlayStation 3 hacker George Hotz ("GeoHot"). The online attacks have largely used the Anonymous tool of choice, the Low Orbit Ion Cannon (LOIC), to flood Sony's servers with enough information to create a distributed denial of service attack. LOIC was built as a network stress-testing tool but has been repurposed by Anonymous to create voluntary botnets in which Anons contribute bandwidth to take down a shared target.
It's an effective tool; Sony websites have been bouncing up and down all this week, and the job site sonycareers.com is currently down after being targeted by Anonymous. But it's not exactly the nuclear bomb of Internet weaponry, not unless Anonymous can marshal many more machines.
A source at Sony's hosting provider, which handles operations like Sony Computer Entertainment America (SCEA) and Sony Music, tells Ars that the DDoS attacks have been underwhelming. The source characterized them more as an annoyance than an unstoppable force. They "annoyed our network engineers," says the source, but are only of "medium strength."
So why have Sony servers been going down all week? The source said that the data flood wasn't overwhelming, but it was coming from a large enough number of IP addresses that it took the hosting provider's engineers time to block them all. Big batches of offending IP addresses are sent to the engineers, who blacklist them; in the meantime, a specific domain might go down "for an hour" or so while the blocks are put into place. The server then comes back up. According to the source, this takes time, but it's not difficult.
Anonymous has attacked this hosting provider before, when it was going after some luxury goods manufacturers. (For instance, last month Anonymous launched Operation Skankbag against Louis Vuitton, after Vuitton tried to stop an artist from selling shirts showing an African child with a handbag.) The current round of Sony attacks is much stronger than the luxury goods attacks.
The hosting provider has already sent the word around internally, warning all employees about possible social engineering attempts to access the Sony servers or otherwise interfere with the Sony account.
For now, the hosting provider just plays a game of Whac-a-Mole with batches of IP addresses, blocking the offending traffic. Sony has also apparently signed on with Prolexic, a DDoS mitigation service that can scrub incoming traffic or employ other tricks to make sites harder to take down. Prolexic did not respond to our request for an interview, but various Anons involved in the Sony attacks worried about Prolexic's ability to withstand an assault.
KoraX: Prolexic will absorb anything that loic can throw at it,
innocent_whistler: didnt scientolodgy hire prolexic agenst us befor
KoraX: Thats why sony.com won't go down
KoraX: innocent_whistler: indeed they did!
DrQuestion: I thought it was down
KoraX: naw, The auth site is down, other sites are down, from what i can see sony.com is up
KoraX: And yes, its me
Ghoster^: yeah they wont go down, if they are under prolexic
Ghoster^: we have to plan for another course of action
Elitestate: sweet, what is it?
Ghoster^: thats why i said we have to plan.. haha
The involvement of Prolexic also made the company fair game for targeting (and indeed, some Anons spent time digging up information on the company's founder).
sprog: listen its going to take a lot to down sony, this is what prolexic is paid for to protect companies against ddos attacks, this foiled one of our plans before
sonyrecon335: I've messaged Journalists - it's now just a waiting game.
Takai, could I ask that I now go after Prolexic employees, as they're standing in the way of our #Opsony's current objective?
Takai: Have at'er

WhiteRabbit: its pretty much game over....Plolexic can stop attack at 150GBps.
narc0synthesis: hahaha unless we r00t prolexic and fuck them up, make them back off
As for the hosting provider, the plan is to wait until Anonymous just runs out of steam. "They're going to get bored," says our source.
Source: Ars Technica