May 6, 2011

When in doubt, blame

Exposed for shockingly poor IT security, Sony has tried to shift the blame to Anonymous. It's a familiar tactic.

Bernard Keane — Politics editor

Bernard Keane

Politics editor

In the face of evidence of quite remarkable security weaknesses and wholesale lack of transparency, Japanese transnational Sony this week tried to shift blame for the cracking of its system and the theft of millions of customers’ credit card and identity details onto online activist group Anonymous.

A brief recap of just how badly Sony’s online PS3 and PSP online gaming networks were cracked: the names, addresses, birthdates, passwords and credit card numbers of up to 77m Playstation users worldwide were stolen just before Easter (for non-gamers: to play PS3 games online in multiplayer environments, you pay to access Sony’s networks; Microsoft has a similar network and payments system for Xbox online gaming).

Free Trial

Proudly annoying those in power since 2000.

Sign up for a FREE 21-day trial to keep reading and get the best of Crikey straight to your inbox

By starting a free trial, you agree to accept Crikey’s terms and conditions


Leave a comment

11 thoughts on “When in doubt, blame

  1. BearPowers

    Good story, one note you don’t pay to access the PSN. There is a Playstation Plus service which is subscription based, but for general online play (which is the equivalent of Microsofts paid service) you don’t need to pay.

  2. Sexual Lobster

    Come closer, I will show you my giant crack.

  3. Socratease

    Instead of looking for external scapegoats, Sony and its ilk would have more credibility of they fronted-up to the various questioning authorities with internal documents showing their security policy as well as their risk management strategy and measures they have used to test and assess it, such as use of professional ethical hacking companies.

    Of course, if they actually had such things in place, it is very unlikely that they’d be in the position they are now.

  4. slickdick

    Anyone with any understanding of network technology would know nothing is 100% secure. You can’t blame Sony because of the laws of Physics (If its connected its accessible). This is another bias article from a closet Anonymous supporter.

    Anonymous are Cyber terrorists too cowardly to put their names to what they believe in. Always have been, always will be, they cannot be trusted on any front.

    Anonymous are thieves that deal in pirate software (Warez), key generators and hacking utilities. Hell this whole thing is about them not being able to pirate software from PS3 and cheat on PSN it has nothing to do with OtherOS as they claim.

  5. MD43

    “for non-gamers: to play PS3 games online in multiplayer environments, you pay to access Sony’s networks; Microsoft has a similar network and payments system for Xbox online gaming”

    Wrong. You don’t pay to access the PSN which is a free service (whereas Xbox Live you pay with monthly payments), the only thing you pay for is purchases such as Playstation Plus, games, expansions and extra maps.

    In any case, I’m regretting buying a PS3 more and more everyday. Definitely going for an Xbox for the next gen. The main reason I didn’t buy an Xbox was because of the constant breaking and machine failures (back circa 2007) which my PS3 managed to do within a year anyway, and the fact that you don’t have to pay to play online, you only have to pay when mysterious purchases or withdraws are made presumable in China or Russia…

    Sony have failed in their security on a proportion no other company has achieved, it’s only natural they try to deflect some of the blame. It’s made all the more easier by the fact that Anon can’t officially defend themselves. Well done Sony.

  6. Michael Butler

    Hey SlickDick,
    I wouldn’t for a moment lose sight of the fact that the criminal(s) who’ve hacked Sony are the culprits.
    (In fact, Sony has been hit again – Sony Online Entertainment was penetrated and around 25 million accounts compromised just this week.)
    And we all know that if it’s online, it might get hit. You can bet your bottom dollar that Microsoft, Apple, Amazon et al are breathing huge sighs of relief that they didn’t get hit.
    I also don’t buy into the ‘Sony brought it on’ argument about going after geohot and raising Anonymous’ ire.
    But I absolutely do blame Sony for being so careless with my personal data, and there’s plenty of information floating around about just how poor the internal systems and safeguards were.
    I also deplore the length of time it took to notify users. I found out from a games-related news site several days into the outage.
    I should have found out in an email sent by Sony to my PSN ID’s email address.
    That’s my information that’s been stolen, and even if my credit card number remains secure, enough information has been taken for an identity thief to get up to all kinds of mischief in my name.
    Sony needed to tell me right away so that I could make decisions about what to do, not remain mute in a futile and counter-productive attempt to minimise the PR hit.
    Unsurprisingly, they’ve only made it worse.

  7. Simon Tait

    “Anonymous are Cyber terrorists too cowardly to put their names to what they believe in”.

    Just like you, ‘SlickDick’?

  8. dag

    I blame those that fail to take proper due diligence, Sony in this case. Good security doesn’t allow the information super highway to have a shortcut through your organisation. The following line is very telling: “The crack is so massive credit card thieves are said to be concerned the price of illegally-obtained credit card numbers traded online is going to plunge.”

  9. Socratease

    ^ Only when such breaches result in lawsuits with massive payouts will companies wake up to their obligations.

  10. SuprF1y

    It was a hack, not a crack. And no more ISH comments, pleeeeeeease.
    Software quality matters.
    The industry has gotten into the habit of not checking it’s blind spot when changing lanes.

Share this article with a friend

Just fill out the fields below and we'll send your friend a link to this article along with a message from you.

Your details

Your friend's details