The PlayStation Network is still offline. But, it is coming back online soon, according to Sony! In the meantime, as legions of gamers the world over wait not-so-patiently next to their gaming machines, a new question has consumed the tech blogs –– who or what caused the PSN breach?
Earlier this week, Sony revealed that 24.6 million Sony Online Entertainment accounts had been compromised –– this in addition to the original PSN attack on 77 million accounts. In the process of delving into the SOE break-in, Sony reportedly found evidence of the work of Anonymous, a prominent hacker group.
"Sony has been the victim of a very carefully planned, very professional, highly sophisticated criminal cyber attack," Sony rep Patrick Seybold wrote on the PlayStation blog. "We discovered that the intruders had planted a file on one of our Sony Online Entertainment servers named 'Anonymous' with the words 'We are Legion.'"
The theory certainly doesn't seem outlandish –– Anonymous has not been shy about its exploits. But Anonymous –– which, true to word, is very much anonymous, and typically issues anonymously-written statements –– published a stern denial of its involvement in the SOE breach. From the press release, posted to Daily Kos:
Whoever broke into Sony's servers to steal the credit card info and left a document blaming Anonymous clearly wanted Anonymous to be blamed for the most significant digital theft in history. No one who is actually associated with our movement would do something that would prompt a massive law enforcement response. On the other hand, a group of standard online thieves would have every reason to frame Anonymous in order to put law enforcement off the track. The framing of others for crimes has been a common practice throughout history.
So there is that. As readers of Horizons know, late in April, hackers managed to worm their way into the PSN and Qriocity, a Sony-owned music and video streaming service. Sony subsequently shuttered PSN, in an effort to tamp down on damage; the service is expected to come back online later in the week, complete with plenty of extra safeguards.
The PlayStation 3 will get a "forced system software update," Seybold wrote in an earlier blog post, which would "require all registered PlayStation Network users to change their account passwords before being able to sign into the service. As an added layer of security, that password can only be changed on the same PS3 in which that account was activated, or through validated email confirmation."
For more tech news, sign up for the free Innovation newsletter, which is emailed out every Wednesday morning.