Anonymous, the biggest hack of the past few years and why users need some legit channels for their problems on the internet
Hackers group Anonymous may have been involved with the huge data leak at Sony, the CEO of Sony told a US government committee in a letter today. The intruder who took the data most likely got into the system during the DDoS attacks that Anonymous have claimed responsibility for.
And there's another shred of evidence. Sony say: 'the intruders had planted a file on one of our Sony Online Entertainment servers named "Anonymous" with the words "We are Legion."'
Earlier this week I wrote a post about who could be behind the hack at Sony and why they did it. With the figure of people affected now at 100million, the story making front page news on papers and websites and commenters speculating that this could impact Sony permanently, it's biggest hack in recent years.
One of the most interesting thing about writing the article was the response. First - yes. commenters pointed out a couple of obvious facts I'd missed (hands up) but then, once I fixed it up some interesting stuff started to come in. This comment for example, which seems pretty bang on the money.
"Just because the hack may have involved credit card data that does not mean financial gain was a motive. the motive could just as easily been to give sony a well deserved and long awaited kicking by giving them a PR disaster they will not forget.
"[...] there would be nothing gained by anonymous admitting it as it could potentially refocus federal goons efforts and alienate the more short term thinkers in the gaming community. Likewise Sony's long term goal is to limit the PR damage and is far better for them to say they were targeted and customer data compromised by highly skilled international cybercriminals than admit it was a bunch of bored teenage script kiddies."
Anonymous - such as they are - have denied involvement with the leak of user details, though do admit they made DDoS attacks against the corporation. But that rogue "We are Legion" file is just confirmation of something that seems relatively obvious:
Two things that make me think that this hack was more than just a criminal trying to make a buck:
1) The hack is very sophisticated and high-profile but - unless there's some fraud we haven't yet heard about - the idea for making money out of it seems a bit haphazard and well, not very good. A more committed criminal - obviously intelligent enough to pull off something of this scale - would, surely have thought of a better way to make money than just selling the data to scammers.
Plus Sony isn't a banking company, it's not a shopping company - it's a gaming company. Surely if you have that amount of company crushing hack-power you'd go for a softer touch? And perhaps something less high-profile so you wouldn't call the attention of the world's media on your head.
2) Sony had recently angered a lot of gamer-techie people. Is it really coincidental that weeks later it suffered the biggest hack of the past few years?
Even if Anonymous wasn't directly responsible, clearly it could have been someone working on the same principles as them and motivated by the same anger?
Perhaps even motivated by the statement they made, which did draw the battle lines. Even if Anonymous doesn't control all the soliders, they did seem to start the war ---
[click for bigger image]
I'm not saying Anonymous were wrong to make their statement about Sony's actions. I think they were absolutely right: they made a valid complaint about a genuine problem (though obviously we don't condone the threats or the penis-beehive bit, no).
The trouble is that people rarely listen to valid complaints from online customers unless you do call attention to them by, oh, say, some high profile hack.
What I am saying is that us online customers and website users need some need some kind of legal recourse, some platform for us as customers or users to air our genuine grievances..
Maybe we need to get more steam behind an online bill of rights giving us for example squatting rights over our online stuff.
We take a lot of the internet on trust - if Mark Zuckerberg suddenly decided to charge for access to Facebook millions of people would be furious - but we wouldn't be able to do anything about it. It is a private company and though our stuff and space and personality is on there - it's theirs - not ours.
Trust works well, but seeing as the IRL law-courts tend to protect the big corporations against the little guy (see ACS copyright cases, the Sony case, Twitter Joke Trial) I think we need some more user-friendly groups to look out for our interests too, but in a legal, safe way.
JUST A THOUGHT.
Got any thoughts of your own on this? let us know -