Sony have said that the hackers who stole more than 100 million users personal details from the recent intrusion left a file implicating Anonymouse, the well known hacktivist group.
Kazuo Hirai, chairman of Sony, said in a letter to the US Congressional committee that a file was found by investigators named ‘Anonymous’ with the words ‘We Are Legion’, part of their motto.
Hirai also claimed that the breach, which began on April 16th was also linked to DDOS attacks on Sony systems launched by Anonymous in response to their targeting of George Hotz, after he posted the root key to the Playstation 3 online.
Hotz, or ‘Geohot’ managed to hack the system to get the root key which meant that other people could run unauthorised software on the Playstation 3. Sony then sued him in January after he published his findings.
Hirai said “Several Sony companies had been been the target of a large-scale, coordinated denial of service attack by the group called Anonymous. The attack were coordinated against Sony as a protest against Sony for exercising its rights in a civil action in the United States District Court in San Francisco against a hacker.”
Warnings went out to Sony after they publicly targeted 21 year old Hotz, saying that they could be in trouble from the hacking community if they continued to pursue him. Anonymous then issued a series of threats saying they would be causing the electronics giant serious issues. Hotz also went on record saying that he had nothing to do with the recent downtime for Sony.
“In the eyes of the law, the case is closed, for Anonymous it is just beginning,” a video message posted on YouTube on April 13 said. It called for people to take action in real world protests against Sony on April 16th and Anonymous warned the firm that they should “prepare for the biggest attack you have ever witnessed, Anonymous style”.
Hirai said that the denial of service attacks by Anonymous helped the data hack because “security teams were working very hard to defend against denial of service attacks, and that may have made it more difficult to detect this intrusion quickly – all perhaps by design”.
77 million user names, addresses, email addresses, personal information and hashed passwords were stolen and this was detected on April 19th. An attack at the same time which stole 25 million gamers details from Sony Online Entertainment was not found out until 1st May.
Both systems are still offline and under investigation by the FBI and digital forensics contractors.
There is a theory that Anonymouse are actually NOT behind the attacks, but that a group of professional cyber criminals hijacked the denial of service attacks and planted a fake file to place Anonymous in the field of fire.
“Whether those who participated in the denial of service attacks were conspirators or whether they were simply duped into providing cover for a very clever thief, we may never know,” Mr Hirai said.
Sony have came under attack from the press and public for being so slow to respond to the problems, and in letting customers know their information was compromised. Hirai has defended their position on this “Throughout the process, Sony Network Entertainment America was very concerned that announcing partial or tentative information to consumers would cause confusion and lead them to take unnecessary actions if the information was not fully corroborated by forensic evidence.”
Anonymous have now got 40 arrest warrants against them and the FBI are investigating the group. The hacking group have previously attacked Visa, Paypal and Amazon after they withdrew services from Wikileaks.
Industry insiders say that if Anonymous were behind the Sony data theft, then people should not be worried about their credit card information being used, as Anonymous have no interest in stealing money from the public, they are focused on targeting ‘corrupt corporations’.
KitGuru says: Was it Anonymous or another group trying to cover their tracks?