In association with heise online

05 May 2011, 12:35

Sony suggests Anonymous to blame for cyber attack

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Sony has responded to questions posed by the Subcommittee on Commerce, Manufacturing and Trade of the US House of Representatives Committee on Energy and Commerce. In its written response, the Japanese company has explained its approach to dealing with the recent cyber attack and has pointed the finger of blame for the attack at the hacker group Anonymous. In a summary of the full letter, Sony explains that its four key principles have been to act carefully, inform the public only once information has been verified, take responsibility for its obligations and work with the relevant authorities.

The letter describes the attack as having been a "very carefully planned, very professional, highly sophisticated criminal cyber attack" and states that Sony discovered that a file named "Anonymous" containing the words "We are Legion" was planted on one of its servers during the attack. In what purports to be a response from Anonymous, the group says that, although the planted file includes the words from Anonymous's slogan, "Anonymous has never been known to have engaged in credit card theft." The rebuttal continues by claiming that many of Anonymous's "corporate and governmental adversaries" have in the past lied about Anonymous's activities – the implication being that the accusation from Sony cannot be trusted. The response goes on to claim that Anonymous is transparent in its activities, allowing journalists to observe the group at work and monitor its activities.

The Sony letter continues by stating that, although it has been unable to rule out that customers' credit card information had been accessed, "As of today, the major credit card companies have not reported any fraudulent transactions that they believe are the direct result of this cyber attack." Among steps that Sony is taking to prevent further data loss, the text cites "enhanced levels of data protection and encryption; enhanced ability to detect software intrusions, unauthorized access and unusual activity patterns; additional firewalls; establishment of a new data center in an undisclosed location with increased security; and the naming of a new Chief Information Security Officer."

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit