
PlayStation network hack: Who did it?

Hacker kids used to be the main suspects in cyber crime. Now things are much more complicated.
  • Personal information on 77 million PlayStation Network users was exposed recently
  • Here's the run-down of who might have done it
  • A for-profit cyber-thief probably did the job

(WIRED) -- It's one of the biggest data breaches in history. Now that Sony has come clean -- sort of -- on a computer intrusion this month that exposed personal information on 77 million PlayStation Network users, one obvious question remains: Who pulled off the hack?

In the old days, the answer would be simple: some kid did it. But today's underground is more complicated -- a slew of competing players with different agendas and techniques. Here's a quick rundown on the likely suspects.


While noncriminal pranks are their stock in trade, the griefers of Anonymous have been on a hacktivism spree of late, staging distributed denial-of-service attacks against the corporate enemies of WikiLeaks, then famously cracking the computer security firm HBGary Federal and exposing the shady plotting of its CEO.

Coincidentally, Anonymous declared Sony as its latest protest target right around the time of the intrusion. They were unhappy with Sony's lawsuit against PlayStation 3 rooter George Hotz, and unsatisfied by the settlement deal reached between Hotz and the company this month.

But spokespeople for Anonymous have denied any role in the PlayStation Network hack, and the whole flavor of the hack just isn't Anonymous' style: they've pulled intrusions in the past, but computer crime isn't their mainstay, and a stealth run through the network of a corporate giant is decidedly short on lulz.

Verdict: Probably innocent.


Chinese hackers have been responsible for some of the most sophisticated known intrusions in recent years -- low-and-slow attacks against defense contractors, human rights groups and Silicon Valley bigwigs like Google.

The attackers typically get in by hitting a single employee with an exploit, and then carefully expand through the network until they've found what they're looking for -- generally trade secrets, source code, or intelligence.

A list of 77 million names, dates of birth and passwords could be useful as the raw material for future attacks, but aside from that, Sony's gaming infrastructure is not a logical target for this bunch. You also wouldn't expect a professional Chinese intrusion to be detected so quickly.

Verdict: Innocent.

Random recreational hacker

This breed still exists, though now in much smaller numbers than the professionals.

The PlayStation Network would be an alluring target for a bored teenager or twenty-something who spends a lot of time grinding through multiplayer shooters -- to paraphrase "Silence of the Lambs," you covet what you see every day.

A recreational hacker might go after the user database as a trophy.

Verdict: Maybe guilty.

For-profit cyberthief

These guys, largely concentrated in Ukraine and Russia, know databases like the backs of their hands -- they dream in SQL -- and similar, if smaller, stolen databases are bought and sold routinely over carder forums and in private transactions.

In this scenario, the credit card numbers potentially stolen in the hack aren't as important as they seem.

According to Sony, the CVV2 -- the security code on the back of the card -- wasn't stored in the compromised database, which greatly reduces the cards' usability to fraudsters. Credit cards without the magstripe data or CVV2 are among the least valuable commodities.

But combined with the other data, the database is valuable indeed. The passwords (which Sony evidently didn't bother to hash) could be a gold mine, because people have a tendency to use the same password everywhere; you can bet a big chunk of those 77 million PlayStation Network passwords will unlock everything from Facebook accounts to online banking.

The e-mail addresses could be used in phishing attacks, with the fraudster using stolen details -- like the target's date of birth -- to increase the chances of a response. Hell, even if it were just sold as a spam list, the Sony database could draw a pretty penny.

Verdict: Probably guilty.


Copyright 2011

