Dans une lettre ouverte destinée à la Chambre des Représentants des Etats Unis concernant les attaques du PSN et du SOE (Jeu online Sony sur PC), nous apprenons les procédures effectuées par Sony à la suite de ces attaques.Mais nous apprenons également que les hackeurs ont laissé un petit message sur un des serveurs SOE (Sony Online Entertainment).
Sony a découvert qu'un nouveau fichier nommé "Anonymous" contenant "We are Legion." a été créé sur un des serveurs de Sony Online Entertainment, le service de jeu en ligne de jeux Sony sur PC.
Tout de suite, vous pourriez penser que le groupe Anonymous serait responsable de cette attaque, et de celle sur le PSN.
Avant de faire cette déduction rapide, sachez que rien n'empêche le hackeur responsable de l'attaque de laisser des fausses traces pour faire croire que les responsables sont les membres du groupe Anonymous.
Comme on vous l'avais indiqué dans cette news précédente le groupe Anonymous avait lancé une attaque de type DDoS sur les serveurs du PSN pour le mettre hors service. Il est ainsi facile de pouvoir leur faire porter le chapeau étant donné cette attaque.
Rien n'empêche cependant que les personnes ayant piraté le PSN soit membre de ce groupe Anonymous, mais il ne s'agit pas d'une action officielle reconnue par le groupe.
Voici le message du blog de Playstation :
Today, the Subcommittee on Commerce, Manufacturing and Trade of the U.S. House of Representatives Committee on Energy and Commerce held a hearing in Washington, DC on “The Threat of Data Theft to American Consumers.”
Kazuo Hirai, Chairman of the Board of Directors of Sony Computer Entertainment America, submitted written answers to questions posed by the subcommittee about the large-scale, criminal cyber-attack we have experienced. We wanted to share those answers with you (click here).
In summary, we told the subcommittee that in dealing with this cyber attack we followed four key principles:
Act with care and caution.
Provide relevant information to the public when it has been verified.
Take responsibility for our obligations to our customers.
Work with law enforcement authorities.
We also informed the subcommittee of the following:
Sony has been the victim of a very carefully planned, very professional, highly sophisticated criminal cyber attack.
We discovered that the intruders had planted a file on one of our Sony Online Entertainment servers named “Anonymous” with the words “We are Legion.”
By April 25, forensic teams were able to confirm the scope of the personal data they believed had been taken, and could not rule out whether credit card information had been accessed. On April 26, we notified customers of those facts.
As of today, the major credit card companies have not reported any fraudulent transactions that they believe are the direct result of this cyber attack.
Protecting individuals’ personal data is the highestpriority and ensuring that the Internet can be made secure for commerce is also essential. Worldwide, countries and businesses will have to come together to ensure the safety of commerce over the Internet and find ways to combat cybercrime and cyber terrorism.
We are taking a number of steps to prevent future breaches, including enhanced levels of data protection and encryption; enhanced ability to detect software intrusions, unauthorized access and unusual activity patterns; additional firewalls; establishment of a new data center in an undisclosed location with increased security; and the naming of a new Chief Information Security Officer.
We told the subcommittee about our intent to offer complimentary identity theft protection to U.S. account holders and detailed the “Welcome Back” program that includes free downloads, 30 days of free membership in the
PlayStation Plus premium subscription service; 30 days of free service for Music Unlimited subscribers; and extending PlayStation Plus and Music Unlimited subscriptions for the number of days services were unavailable.
We are working around the clock to have some PlayStation Network services restored and we’ll be providing specific details shortly. We hope this update is helpful to you, and we will continue to keep you posted as we work to restore our network and provide you with both the entertainment and the security you deserve.
Source : http://blog.us.playstation.com/2011/05/04/sonys-response-to-the-u-s-house-of-representatives/
Flux RSS