Sony Implicates Anonymous in Attack; Group Denies Involvement
In the wake of what’s turning into one of the biggest hacking attacks in history, Sony told members of Congress that it found a message left in its systems taunting the company.
The message was contained in a file entitled “Anonymous,” and contained the sentence “We are legion,” the catchphrase of the loose affiliation that calls itself by the same name. Someone claiming to be a representative of the group has denied involvement in the attack, but conceded that it could have been carried out by someone who had been a member of the group in the past. As is usually the case with Anonymous, the claims and counterclaims are impossible to verify independently.
Sony summarized the letter on its blog and the original can be found here. Aside from the new disclosure of the creepy calling card, Sony reiterated information that it has disclosed previously, including the fact that the attack that initially hit its PlayStation Gaming Network was later discovered to be wider, affecting its online gaming site Sony Online Entertainment, home of games like Everquest and Star Wars: Galaxies. The total number of accounts compromised has now broken the 100 million mark.
Sony has apologized but the extent of the damage to the relationship it has with its customers is still unknown. The services are still down.
One other new detail: Sony has hired some third-party firms to help sort through all the evidence from the attack, including computer forensics firm Data Forte. Its president is Peter Garza, who’s a former head of the Naval Criminal Investigative Service, aka NCIS. It has also called in Guidance Software to help with the discovery process associated with the legal cases that are piling up and Protiviti, a risk consulting and auditing firm.
Speaking of the legal pile-on, it continued Tuesday as The Wall Street Journal reported that New York’s state attorney general, Eric Schneiderman, had issued subpoenas to Sony seeking documents related to its system security and promises it had made to its customers. As I said the other day, these hacker attacks have a way of getting expensive real fast.