In response to a Congressional investigation, Sony Wednesday released more information about the hack that disrupted its PlayStation Network since April 20. Among the details revealed by Sony was the fact that one of its servers had a file called "anonymous".
Earlier this week, Sony stated that the violation has also disrupted its site of Sony Online Entertainment game. By discovering the hack, SOE "also discovered that the intruder had planted a file on one of these servers named"anonymous"with the words" we are legion ' ", Kazuo Harai, President of Sony, written for the House Commerce Subcommittee"manufacturing and trade.
The anonymous goes to group by the slogan "we are anonymous." We are legion. Forgive us not. We do not forget. You expected us. ?
"Just a few weeks ago, several companies Sony had been the target of a large-scale, coordinated denial of service by the anonymous group attack.". Attacks were coordinated against Sony in protest for the exercise of its rights, in a civil action before the Court at the United States in San Francisco against a hacker "Written Harai."
It would be George "geohot" Hotz, which PS3 hacked and posted workarounds on the Web solution. Hotz recently installed with Sony and denied any involvement in the NHP hack. He also urged officials not step to sell information.
Anonymous is a clandestine group which operates "Operation Payback" and have includes members of the Bulletin Board 4chan.org "/ b". As a general rule, the Group organizes distributed denial of service (DDoS) against the computer systems of those with whom they disagree, including the credit card companies that support dropped for WikiLeaks, music labels that go after infringers of the right of author and Sony.
Anonymous last month organized a boycott 24 hours a day, in-store Sony world stores April 16. That came several days after the group attacked the brand Sony Web sites to protest against the prosecution against computer hackers Sony's PS3. An anonymous offshoot called "sonyrecon" also targeted individual employees of Sony.
However, the month last Anonymous denied officially any involvement in the hack Sony PlayStation. "For once we do,"according to a press release published on the website of the group.""
"While this could be the case that other trainings have acted on their own, AnonOps was not related to this incident and does not take responsibility for everything what happened," the statement and a YouTube video (below).
At the time, anonyme anonymous suggested that the problem was "an internal problem with the servers of the company."
The Group did not update his Twitter feed or Facebook page, Web site since Sony released his letter to the Subcommittee. Anonymous has not immediately responded to a request by email for comments.
In his letter, Sony stated that the attack on its systems was "criminal cyber very carefully planned, very professional, very sophisticated attack designed to steal personal and information of credit card for illegal purposes."
Sony said one or more cybercriminals gets access to PlayStation Network servers at the same time as its servers were experiencing a denial of service attack; a Sony intrusion does not immediately detected because of its "pure sophistication."
"Detection was difficult because criminal hackers exploited a vulnerability in the software system," wrote Hirai. He also said Sony security teams were busy working to deflect the DDoS attacks, which could "have made it more difficult to detect the intrusion quickly - but perhaps by design," he wrote.
Hirai acknowledged that DDoS participants reportedly duped by providing coverage for a very intelligent thief, but "we can never know."
Hirai said that Sony contacted the FBI, two days after the intrusion has been detected and organize a meeting on 27 April. At the time, the security firm hired by Sony to assess the damage had not yet determined the scope of the attack. As of April 26, the day she publicly disclosed the hack, Sony said that it also notified regulatory authorities in a dozen States.
Sony has reaffirmed that the complex nature of the hack has ceased to discuss the issue publicly. The company "was very concerned that announcing partial or indicative of consumer information could cause confusion and lead them to take unnecessary measures if the information was not fully corroborated by forensic evidence," wrote Hirai.
At this point, Sony believes that he knows how the intrusion has occurred, but is "reluctant to make public full details" because this information may be used to launch another attack. Sony does not know who is responsible, Hirai said.
In this case, one of the major concerns was whether the hackers obtained information of peoples credit card. Sony said it has about 12.3 million credit on file cards via its PlayStation Network system, including approximately 5.6 million are the United States. Sony said credit card companies have not reported any fraudulent charges related to the hack.
No comments:
Post a Comment