Sony implicates 'Anonymous' in PlayStation Network attack

Sony implicates 'Anonymous' in PlayStation Network attack

Summary: Reeling from bad press over its sloppy security, Sony has implicated the 'hacktivist' collective called Anonymous. But a spokesman for the organization says they've been set up. Whom do you believe?

SHARE:
31

Sony has implicated the Internet collective known as "Anonymous" in the recent security failure on its PlayStation Network and Sony Online Entertainment servers, resulting in the potential exposure of personal information used in more than 100 million user accounts on those services, combined.

Sony Computer Entertainment America (SCEA) chairman Kazuo Hirai announced the news in a written statement provided to the U.S. House of Representatives Committee on Energy and Commerce, which queried Sony as part of a hearing on "The Threat of Data Theft to American Consumers."

"When Sony Online Entertainment discovered this past Sunday afternoon that data from its servers had been stolen, it also discovered that the intruders had planted a file on one of those servers named 'Anonymous' with the words 'We are Legion," wrote Hirai. "Just weeks before, several Sony companies had been the target of a large-scale, coordinated denial of service attack by the group called Anonymous. The attacks were coordinated against Sony as a protest against Sony for exercising its rights in a civil action in the United States District Court in San Francisco against a hacker."

Hirai refers to Sony's lawsuit against George Hotz, known on the Internet by his moniker "Geohot." Hotz was involved in an effort to "jailbreak" the PlayStation 3 video game console to allow the Linux operating system and homebrew applications to be installed on it, after Sony removed the PlayStation 3's "OtherOS" feature, which enabled this to be done legitimately.

Sony responded by suing Hotz, but Sony settled with Hotz on April 11th, the week before the intrusion into the PlayStation Network.

Hotz, for his part, has denied any involvement in the intrusion on Sony's network, calling efforts to steal information "not cool" and using saltier language to describe the actions of the data thieves. Such efforts, Hotz added, cast the hacking community in a negative light.

There's no question that Anonymous had targeted Sony for retribution. On its Web site in early April, Anonymous said Sony was receiving its "undivided attention" for taking Hotz to court. Shortly thereafter, users began to complain of interrupted access to Sony Web sites and the PlayStation Network.

Anonymous later said that it ceased any denial of service activities once PlayStation users complained, however. "We have therefore temporarily suspended our action, until a method is found that will not severely impact Sony customers."

Anonymous spokesman Barrett Brown told IT security publication SC Magazine in an interview published Wednesday that Anonymous didn't have anything to do with the Sony Online Entertainment server break-in.

"Anonymous has no record in engaging in credit card theft and resell, and if we did, the FBI would've already come down on us," Barrett said, adding that anyone could have planted the file to implicate Anonymous.

So. Is the intrusion the work of someone associated with Anonymous? Or is it someone just trying to divert attention? Or could the file have been planted by someone at Sony as a means of focusing governmental attention on the rogue group? The plot thickens around Sony's PlayStation Network problems and its ham-handed handling since then, like the latest paperback techno-thriller. I'm certain there are plenty of chapters left.

Topics: Mobility, Hardware, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

31 comments
Log in or register to join the discussion
  • RE: Sony implicates 'Anonymous' in PlayStation Network attack

    I hate to be this way but I've already cancelled the card that Sony had of mine and got a new card. The only thing I want to hear from Sony at this point is when the network is going to be back up. they are, on purpose I'm sure, being extremely vague about this and as a user of both the playstation and having a Sony internet tv that also requires the PSN to be up the only thing I want is the network back
    ricksterd6
    • RE: Sony implicates 'Anonymous' in PlayStation Network attack

      @ricksterd6
      Agreed - I have done the same.

      Unfortunately for Sony - it is going to take a lot from them before I "rejoin" their network. Watching the current shenanigans they are orchestrating, my confidence in them is continually shrinking.
      :(
      rhonin
    • RE: Sony implicates 'Anonymous' in PlayStation Network attack

      I replaced my card also. The second time in a month since that IT firm in Texas, who my local hospital used, allowed my information to be stolen. We all have to assume that our names, SS#, address, mother's maiden name, place of birth, phone number and 'favorite' passwords are all general knowledge.
      The only good thing that could come from this is if people stop using credit or debt cards and put those companies out of business.
      john_gillespie@...
  • RE: Sony implicates 'Anonymous' in PlayStation Network attack

    (http)://anonymousdown.wordpress.com/2011/04/24/anonymous-vs-sony-psn/ < Looks like he knew, Sony should have hired him lol
    plews
  • Let me get this straight...

    ...they found a file called "Anonymous" that contained the text "We are legion".

    And they want us to take this as iron-clad proof Anonymous did it?

    Riiiiiggggghhhhhttttt.

    I think this is Sony wanting to divert attention from their egregious security flaws. Unpatched servers? No firewall? Really, Sony?

    Mind you, this is from the same company that installed a rootkit on millions of users computers and couldn't understand what the fuss was about?

    This from a company that sues someone over modifying hardware *that individual bought and paid for*?

    Really?

    Credibility? Yeah, Sony's heard of it...
    wolf_z
    • RE: Sony implicates 'Anonymous' in PlayStation Network attack

      @wolf_z
      To be honest I believe those cyber terrorist are behind it. THey are no better than the cowards that strap a bomb on another person just to kill innocent people. I think the members of the Terrorist group Anonymous should all be thrown in Gitmo, as they are not activists, but evil terrorists.
      Rick_K
      • RE: Sony implicates 'Anonymous' in PlayStation Network attack

        @Rick_K

        Once again the uninformed expound their diatribe and over-abuse the term "terrorist".
        :|
        rhonin
      • So...

        @Rick_K <br><br>...you're saying that DDOSing == mass murder? <br><br>Um, you might want to rethink that position, it's a bit--insane.
        wolf_z
      • RE: Sony implicates 'Anonymous' in PlayStation Network attack

        @Rick_K

        Are you trolling? I genuinely can't tell or not.
        OffsideInVancouver
    • RE: Sony implicates 'Anonymous' in PlayStation Network attack

      @wolf_z

      Chuckle :D

      Finger Pointing 101 - over abused management tool.
      rhonin
    • RE: Sony implicates 'Anonymous' in PlayStation Network attack

      @wolf_z
      Indeed. Note also the authors complicity in spreading BS... there is no website for anon, no official spokesperson. Everything in this article that claims to be facts from anon is BS, complete rubbish.
      bwalker
      • RE: Sony implicates 'Anonymous' in PlayStation Network attack

        @bwalker Oh, please. Anonymous' enmity towards Sony is documented fact. That doesn't mean I think Anonymous as a hacktivist collective or whatever else sought out to break into Sony's systems, but denying that Anonymous has caused Sony problems in the past is an appalling attempt at revisionism.

        - Peter
        flargh
  • RE: Sony implicates 'Anonymous' in PlayStation Network attack

    I'm thinking this is a setup... Anonymous voluntarily stopped their DoS attacks after complaints and anger from the Sony customers so why would they then go and hack into the network to steal all of this information? In retaliation for the settlement of the Geohot lawsuit? Pure bunk. Sony has a reputation for going after people so my thought is that it was Sony that planted this evidence in retaliation for the DoS attacks.
    athynz
    • RE: Sony implicates 'Anonymous' in PlayStation Network attack

      @athynz <br>I still think they are after Sony, due to the removal of the install Linux issue. The message is even though the case is settled, We are now going to make an example of Sony.<br><br><a href="http://www.youtube.com/watch?v=Q7Syibv4SqM" target="_blank" rel="nofollow">http://www.youtube.com/watch?v=Q7Syibv4SqM</a>
      http://www.youtube.com/watch?v=2Tm7UKo4IBc&NR=1
      Rick_K
      • RE: Sony implicates 'Anonymous' in PlayStation Network attack

        @Rick_K I still disagree. Anyone could have put those YouTube videos up and judging from the comments there's enough dislike towards Anonymous that people can believe it especially after the DoS attacks.

        However

        Anonymous stopped the Dos attacks when the Sony gamers spoke out and stated that their intent was not to mess with the gamers as it was to take action against Sony. Given that their intent was not to mess with the gamers why would they then hack into the network and take information from these same gamers plus those who were on the SOE network?

        The "evidence" Sony found, the YouTube videos... all of that is too obvious. I'm not saying for sure that Anonymous did not do it I'm saying I have my doubts. in any event whoever did this needs to be locked away for a very long time.
        athynz
      • RE: Sony implicates 'Anonymous' in PlayStation Network attack

        @Rick_K

        Even though I think it is a Stupid Feature and somewhat pointless to allow but then not warranty, this is a good expectation to consider why someone is attacking. It is the Other OS removal, or xBox Fans getting scared finally to see PS3 is better. We all knew PS3 systems locally was better from the git go, right?
        Ez_Customs
      • RE: Sony implicates 'Anonymous' in PlayStation Network attack

        @Rick_K

        if Anonymous did infiltrate teh Sony firewall, the DoS wasn't just a DDoS attack, but a distraction to hide the Snoping in the Sony network to get the security holes that allowed access to the core of the network. This makes even more sense then revenge, it is a wake up call and that we totally could have screwed you Sony fix the Network!
        Ez_Customs
    • RE: Sony implicates 'Anonymous' in PlayStation Network attack

      @athynz I think you're letting conspiracy theories run wild. But it's entertaining, that's for sure.

      - Peter
      flargh
  • RE: Sony implicates 'Anonymous' in PlayStation Network attack

    'Anonymous' has never stolen credit card info before, they've always just tried to make a point. Sounds kind of fishy to me.
    simpleone71
    • RE: Sony implicates 'Anonymous' in PlayStation Network attack

      Sony reiterated that there's no official indication that credit card numbers have been stolen or used - that's FUD that they started, themselves.

      - Peter
      flargh