Sony implicates 'Anonymous' in response to Congress
Sony's Kaz Hirai has responded to the House subcommittee letter, implicating Anonymous as responsible for the PlayStation Network and Sony Online Entertainment data theft.
The data breach of Sony, including PlayStation Network and more recently-discovered Sony Online Entertainment, attracted the attention of Congress. Sony decided not to appear personally at a data theft hearing, but Kaz Hirai has given the company's official response, which implicates the hacker group Anonymous for the attacks.
In a letter to the US House of Representatives Subcommittee on Commerce, Manufacturing, and Trade (summarized on the PlayStation Blog), Hirai explains that the hackers left a calling card. "When Sony Online Entertainment discovered this past Sunday that data from its servers had been stolen, it discovered that the intruders had planted a file on one of those servers named 'Anonymous' with the words 'We are Legion'," Hirai explained.
Though the the SOE theft was discovered later than the PSN attack, it took place at the same time by exploiting shared infrastructure. Sony emphasized that it hadn't suffered a second attack, but rather that SOE's intrusion took longer to detect. That means that if Anonymous is responsible for the SOE attack, it's responsible for PSN as well.
For its part, Anonymous has denied involvement in the attacks, but even in that denial admitted that "other Anons" may have "acted by themselves." When the group apologized for inconveniencing users with denial-of-service attacks, a statement pointed out, "different operations are 'run' by different people." The group noted that it is "comprised of people with diverse points of view, of which not all coincide with one another."
Hirai also gave three reasons why it may have taken Sony so long to detect the problem: the sophistication of the attack, an unknown system vulnerability, and the fact that Sony was focusing on the denial of service attacks. "Whether those who participated in the denial of service attacks were conspirators or whether they were simply duped into providing cover for a very clever thief, we may never know," he said. "In any case, those who participated in the denial of service attacks should understand that - whether they knew it or not - they were aiding in a very well planned, well executed, large-scale theft that left not only Sony a victim, but also Sony's many customers around the world."
The letter also says Sony shut down networks "as soon as threats were detected," but reveals that they noticed off-schedule system reboots due to "unauthorized activity" taking place on 4/19 -- a full day before the PSN shutdown on 4/20, and two weeks before Monday's SOE shutdown.
The House letter to Hirai became part of a data theft hearing, planned before the Sony attacks, that is currently underway. You can watch it live on C-SPAN.
-
Shacknews
replySteve Watts posted a new article, Sony implicates 'Anonymous' in response to Congress.
Sony's Kaz Hirai has responded to the House subcommittee letter, implicating Anonymous as responsible for the PlayStation Network and Sony Online Entertainment data theft.-
-
-
If someone hits you and you turn around and say "Is that all you got?", don't be surprised if they knock you down next time.
Nothing justifies the attack, and I am worried about identity theft now as much as the next guy on the PSN network. I was just making the point when I read Sony's first response to the Anonymous attack I was questioning if it was a good idea. Regardless, whoever has any of my personal information I would like Seal Team 6 to pay them a visit.
-
-
It would be odd for Anonymous to immediately come out and say the didn't do it when they took full credit for the original attack. I may be a bit naive, but I believe them when they said they would target Sony in a way that wouldn't affect customers as much as their original attack did. Heh, unless this turned out to be a major "whoops!" moment for them.
I still think it was an inside job though.-
[deleted]
-
-
-
-
I know. I don't know how you can prosecute an organization that doesn't even recognize its own structure.
-
it's not about prosecuting an organization that doesn't recognize its own structure. you can compare the structure to something like Al Queda (i'm not saying they're nearly as bad), but the idea is that you can call something an organization without it having recognizeable structure.
i guess the more proper terminology would be to call refer to it as "people associated with Anonymous" but still, it's just simplicity. i think almost everyone in the media knows full well by now that there's no chairman of the board of Anonymous for us to indict -
They're not building a fucking RICO case. They'll go after the little shits who did it and move on.
-
-
-
I highly doubt that any organized part of Anon had anything to do with the intrusion and data theft - that's just not their M.O. I feel that they are, as someone already wrote, being used as a patsy. All it takes is someone to drop 'Anonymous - We Are Legion' on the server to implicate them.
If Sony can't bring the actual hackers to justice, they'll just go after Anon. Given the shitty P.R. image of Anon, it seems far likelier that they'll just jail a handful of Anon's and go lynch-mob if it proves to be the shorter path to a public relations solution.
"Look guys - we caught 'em! We're cool - come back online!"
-
So basically Anonymous is the Al-Qaeda of computer hackers. I really don't understand their motives. All this because Sony removed the Other OS functionality? Is the PS3 individually really that significant among the whole body of personal computing devices? What about the other game consoles? What about Microsoft Windows? What about Apple? If you want to make a statement about "open platforms" for all consumers or whatever, wouldn't you go to the top, rather the the third/second place manufacturer of some dated hardware in the games industry? Overall this seems pretty childish.
-
you're assuming way too much intelligence on a group of mouthbreathers
-
They have no motives... No brains either, the FBI just needs to gather as much of the group as they can and just jail them, make a example out of them...
-
Oh - I can see Juvenile Detention Facilities just filling up with your average Anons.
-
-
Ya, I'm sure thats exactly what happens...
-
I picture Anon to be like that hacker in The Core.
-
-
-
Motives? "Anonymous" is the label for a bunch of bored, disaffected people who hang out on 4chan and IRC. You make it sound all organized. Anonymous is the five thousand idiots who show up when someone accidentally makes a party invite "public" on Facebook. Sure, one of them maybe thought it would be a good idea, and another few thousand just followed because they were bored and have nothing else to do. It's the online equivalent of stoned youth hanging out under a streetlamp at 4am when one of them mentions that he knows how to pick locks.
-
You sound mad
-
-
-
It's them, they started this whole thing and they should be blamed for it... Obviously they have lost all control in their group because now it's every hacker for themselves. Anonymous used to have meaning now they are attacking consumers and denying it to save their own asses.. I'm getting tired of hearing about this Sony will fix the problem and we'll all move on. Groups like this shouldn't be allowed to get away with this crap, they already ruined their Anonymous movements for the future.... I hope to never hear from this group of idiots again...
-
No it's not.
-
btw are you TFO?
-
Assume much? Just because Kaz SAYS it was anonymous doesn't make it true.
While I don't agree with anonymous' tactics, they haven't engaged in financial data theft before. They usually do a denial of service, at worst, to make their point. This, this is something completely different.
It may turn out to be them, or a rogue person or persons from anonymous, but this just doesn't seem like something they would do.-
People who are skeptical (!?) that a hacker group that made grandiose, well publicized statements about Sony like a month ago are behind the attack just puzzle me. Anything's possible, but Total Recall is making a pretty safe assumption.
-
Interesting that the general sentiment seems to be trusting of Anon.
How do you know they haven't engaged in financial theft before? Because they said they haven't? What makes their word more trustworthy than Kaz?
It's intriguing that people are willing to trust and support a group that is suspect of having enough expertise to steal your financial and personal information.
-
-
[deleted]
-
[deleted]
-
Seriously, Anonymous had such promise to improve ___________
-
-
[deleted]
-
WoW gold farmers?
-
-
Can't "Anon" be just one person or small group under the "Anon" umbrella? I thought that was the point...it can be anyone
-
-
My impression is it's whoever feels like joining in. I.e. if someone says "Anonymous is going to protest scientology" then it's whoever feels motivated to pick up a sign and wear a facemask. Or if someone says "anonymous is going to DOS Sony" then anonymous is whoever feels like joining the effort.
-
-
-
There is no honor among hackers.
But still it's kinda easy to blame anybody on anything.
Hell if you post as a guest on most message boards/forums you are labeled as anon >.>"-
-
Anon was no central leadership, which means one person can't say they did or did not do it.
They could have been involved or maybe they put the file on the SOE servers along time ago when the first DDOS attacks started and Sony only found it now. Who knows.
-
[deleted]
-
-
-
-
So everyone is saying Anonymous did ....
Let's look at it this way:
Sony has no idea who did it, they say Anonymous planted the file.
Said hacker(s) knew Anonymous had ddos'ed sony before, used that as cover, planted a file called Anonymous to throw Sony off their trail.
This all sucks ... sigh
-
-
Not using an alias doesn't necessarily make you an Anonymous, but like wangel said, the common perception makes it easy to use Anonymous as a smoke screen. My guess? A legacy from the DDoS, Sony or their hired security firm making stuff up for lack of a clearer culprit, or the aforementioned smoke screen by an individual looking for a patsy.
-
haha what?
-
Exactly what he said?
If the hacker doesn't leave a call tag, they are technically "part of" anonymous. As anonymous isn't really a unified collective but rather almost a default.
Once anon starts using hacker-names! (and effectively stop being anonymous), then any anonymous hacker will stop being part of anonymous and go back to just being anonymous.-
I'm partial to names with "acid" in them.
-
-
-
-
this is like an episode of 24.
-
-
That makes no sense, because anyone can BE anonymous. If a hacker does that, then he's in anonymous. It's like Al-Qaeda. It's not a real organization but plenty of people can be grouped up in or say they're a part of it. It's not like you have to register to be an anon. It's a mob group.
It also works both ways. So when Anon starts doing something stupid they can then say "Well those messages were planted by Westboro Baptist Church...cuz they wanted to be hacked for publicity..uhhh...yeah."
-
-
Regardless of who did it Sony should be held accountable for not encrypting the data.
-
does that mean Anonymous will hack them for real and then their network will go down again? I don't know why I'd find that a hilarious response, but they're asking for it.
-
Very smart move by Sony. Blame a group of disorganized amateurs for being able to break into their "ultra-secure" network.
I thought they wanted to AVOID more reputation damage.-
It's worse than that. They have actively taunted Anonymous now. Ask HBGary how that worked out for them when they did this.
-
-
I agree with you a lot of people are reading more into this than needed. What it looks like is that there is an investigation going on and this file was uncovered. Does that mean Anon did it.. nope. It could be that its just a red herring to throw of the trail. Either you can not just push it aside as if it was nothing, you gotta look into who left that message and why. It would be foolish just push the file aside Anon did have motive but A. This does not fit their MO and B. Did they the have means? Or was this planted by the real culprits to cover there trail. Either way both theories at this point have be to looked into.
Either way this was not as simple of an issue as first thought.
-
-
-
-
Odds on PSN being back up by the end of May?
-
That a file named "Anonymous" with the text "we are Legion" written inside of it, doesnt mean anonymous did it.
Its like if someone killed his neighbour and then leaves a note by the body signing it with the name of the neighbour 2 houses to the left for example.
Or like if someone planted a bomb, and then shouted "long life "insert country here", that doesnt mean hes from that country.
They are just searching someone to blame for.-
Adding something ^^.
They should not stop at just looking at the note and, oh so it was them, work finished.
They should look into the data that is really useful, and try to get the Ip / pc from where that file was created / sent, even if the one that did it tried to delete his footsteps. And see if they were really the ones behind it or not.
And then point the one responsible with real proof.-
the problem is, anyone and everyone is potentially in Anonymous. Anonymous can't come out and say they had nothing to do with it or that an anon didn't put that there, because they have no records of who actually is in Anonymous and who isn't, because by definition everyone and anyone that's anonymous is Anonymous
-
-
-
-
From networking to marketing to usability (DRM/firmware) to software/developer support, what has Sony managed to do right this generation? That's probably a shorter list than what they've gotten wrong or managed to screw up.
The hardware is pretty reliable, right? A lot of the fatties seem to be dropping but they're nowhere near RROD territory.
They got lots of good single player games.
That's about all I got.-
They've managed to strong-arm the industry into adopting Blu-Ray. Though I think it depends on your definition of "right"
-
-
