Sony: 'Anonymous' sparked hack

Sony claims that an attack by infamous hacking group Anonymous – dubbed “hackers on steroids” – distracted the company’s security operation and allowed another team to slip under the radar and steal 100 million customer records.
Kazuo Hirai, chairman of Sony Computer Entertainment America, says the data hacking attack succeeded in penetrating Sony’s security systems in part because the company was attempting to combat a distributed denial-of-service (DDoS) attack by Anonymous.
In a letter to the US Congress, Hirai explained that, as the DDoS attack was going on, a team of hackers using advanced techniques exploited a software flaw in Sony’s systems and got access to its network. The attackers then escalated the privileges they had on the system, while deleting log files to mask their actions.
Anonymous has denied any involvement in the theft of data, but Hirai said that the attackers had deliberately left a file on its servers named “Anonymous” containing the group’s catchphrase: “We are legion.”
“Whether those who participated in the DDoS attacks were conspirators or whether they were simply duped into providing cover for a very clever thief, we may never know,” Sony’s letter said. Hirai sent the letter rather than testifying in person at the US House Energy & Commerce Subcommittee on Commerce, Manufacturing and Trade Hearings, which is investigating the breach.
Sony has also been blasted by the EU, faces a class legal action from angry users, as well as a number of investigations by Information Commissioners of the countries in which it operates.
Anonymous was first set up in 2003 and by 2007 a report KTTV Fox 11 News, based in Los Angeles, called them a group of “hackers on steroids”, “domestic terrorists,” and collectively an “Internet hate machine”.
The report covered an attack on a Myspace user, who claimed to have had his Myspace account hacked into seven times by Anonymous, and plastered with images of gay pornography. The Myspace user also claimed a virus written by Anonymous hackers was sent to him and to 90 friends on his Myspace contact list, crashing 32 of his friends’ computers. The report featured an unnamed former hacker who had fallen out with Anonymous and explained his view of the Anonymous culture. In addition, the report also mentioned raids on Habbo, a “national campaign to spoil the new Harry Potter book ending”, and threats to “bomb sports stadiums”.
Since then the group has been blamed for numerous attacks, including YouTube Porn Day, in which it flooded the film site with porn for a day; Avenge Assange, a campaign which took down both MasterCard and Visa’s websites in revenge for the arrest of WikiLeaks founder Julian Assange; and Operation Egypt in which the websites of Egypt’s Ministry of Information and the National Democratic Party were knocked offline in support of the Egyptian Revolution.