Sony's claim that the online advocacy group Anonymous hacked its Playstation 3 network, enabling the theft of personal data from millions of users, has been laughed away by the group.
For once we didn't do it, states a blog post at Anonops, which has in the past been a reliable port into the group's actual aims and claims.The post was linked from the Anonops Twitter feed, which also called Sony incompetent.
The charge by Sony, which is based in Japan but now run by an Australian, former CBS head Howard Stringer, is made under the signature of Kazuo Hirai, Chairman of the Board of Directors of Sony Computer Entertainment America. In support of testimony to a U.S. House subcommittee, it states "We discovered that the intruders had planted a file on one of our Sony Online Entertainment servers named “Anonymous” with the words 'We are Legion.'"
The only other bit of "evidence" Sony offered is that, so far, no credit card transactions have been consummated with any of the compromised data. Anonymous is known for attacks with political rather than financial motives.
Since the data theft on April 26, Sony has revealed that it didn't protect user passwords with encryption, only with a simple hash.
Here's why I believe Anonymous didn't do it, but why it's in a world of trouble nevertheless:
- This attack does not fit Anonymous' M.O. Sony says the admission came in the equivalent of an "Easter Egg" left during the attack. Anonymous generally announces attacks publicly before they're made.
- Given the structure of Anonymous (which is extremely loose) it's a very easy scapegoat for either a criminal gang or a multinational corporation. Neither likes competition.
- The charge is believed by many (unsophisticated) Playstation Network gamers, and could easily be swallowed by House members, who don't need to pass an IQ test to get elected.
- The Administration has been on a campaign to enforce local laws on the global network, including copyright laws. In other words, the government wants to break anonymous in the normal course of business.
- The Sony letter was addressed to Mary Bono Mack, head of the subcommittee on commerce, manufacturing and trade. Mack is the widow of Sonny Bono, father of the "copyright eternal" act. She might readily believe the claim, and see herself as a target of the anti-copyright Anonymous.
A moderator at PSX-Scene called Chesh420 told Reddit that the hack began after Sony pushed through a program written by third-party programmers that let users steal gameplay. While it's possible someone could be both a Playstation gamer and an Anonymous hacker, it's highly unlikely that enough are to move the group to an official attack.
In any case, both the FBI and a security firm hired by Sony are on the trail of what happened, so hopefully honest answers will be forthcoming. Given that Sony has publicly accused Anonymous of participating in the hack, they're now on the hook to provide a full accounting and arrests, the sooner the better.
Once you make an extraordinary claim -- that tens of millions of records were stolen by a political group -- then you need to provide extraordinary proof. If Sony doesn't realize that now, I'm sure Anonymous will remind them of it.