Sony is blaming the loose hacking outfit Anonymous for bringing down its networks and stealing personal information.
Hauled before a Congressional subcommittee’s inquiry into the massive data breach of its PlayStation Network, Sony claims to have evidence that those responsible are part of the infamous international hacktivist collective that brands itself “Anonymous.”
Patrick Seybold, senior director of communications for Sony, in a summary of its letter to Congress, which was posted to the PlayStation Bog said that Sony has been the victim of a very carefully planned, very professional, highly sophisticated criminal cyber attack.
He said that Sony discovered a file on one of its Sony Online Entertainment servers which was labelled ‘Anonymous’ and had the words ‘We are Legion” inside it.
Anonymous has admitted to carrying out a DDOS attack on Sony’s website but insists that it was not involved in any data theft of any kind.
Sony board chairman Kazuo Hirai points out that the Anonymous attack occurred “at or around the same time” as the security breach, as a smokescreen to cover for the breach of the PSN.
The DDOS attack meant that its security teams were flat out working to defend against denial of service attacks rather than looking for hacker intrusions, claimed Hirai.
However Sony is probably barking up the wrong tree here. Anonymous’s weapon of choice is a simple attack on websites and it does not steal data. “By the time the security breach occurred on April 16, Anonymous had officially called off its attacks on the company.”
If the attack was a smokescreen it probably should have continued until after the real breach started. That is what creating a smokescreen is all about.