Throughout the Sony data breach controversy, the company has maintained that they have hired an outside security team to investigate the matter. The US government, along with a UK government agency, are also looking into the security meltdown. Still, I've been wondering who exactly Sony hired privately to root out the culprits. Previously, the specifics on these digital bounty hunters were unclear, but Sony has now revealed not one, but three detective teams are on the trail. Start running, Dade Murphy.
According to Reuters, Sony has hired Southern California-based computer forensics team Data Forté to work with FBI agents who are currently investigating the breach. Data Forté is helmed by Peter Garza, a former special agent with the Naval Criminal Investigative Service, or NCIS. His team was apparently instrumental in proving that a rival company ripped off Mattel by making Bratz dolls. So...there's that.
Sony has also hired "cyber security detectives" from Guidance Software and consultants from Proviti to assist with sorting out what has turned into a nightmare for both the PlayStation brand and its users.
When this entire debacle began, many believed that it stemmed from Sony's recent confrontations with hacker George "GeoHotz" Hotz. When the company filed a lawsuit against Hotz back in January for jailbreaking the PlayStation 3 hardware, self-proclaimed "fighters for internet freedom" group Anonymous sprang into action. The 4chan-founded hacker group launched Denial of Service attacks against Sony on and around April 4th, causing outages to Sony's websites and PlayStation Network service. The attacks eventually ceased, with Anonymous stating that they did not want to "attack gamers," as this would "defeat the purpose" of their actions.
So, when the latest PlayStation Network outages started, many were quick to blame Anonymous. This was different than the previous DoS attacks, as the personal data of millions of gamers had been stolen in what appeared to be a criminally motivated action. Anonymous has denied involvement, but acknowledged the possibility that other Anons might "have acted by themselves." The group also asserted that Sony might be "taking advantage" of the previous altercations between the parties.
That said, a letter issued from Sony today to the US Subcommittee on Commerce, Manufacturing and Trade of the U.S. House of Representatives Committee on Energy and Commerce (that's a mouthful) is not helping Anonymous' case. As we reported on Monday, Sony Online Entertainment was forced to take down their servers after discovering "an issue that warranted concern." That issue unfortunately turned out to be another security breach, this time compromising the data of over 24 million users, and 900 foreign users' credit card data. According to Sony, while looking into the SOE breach, they discovered a curious file.
"[SOE] discovered that the intruders has planted a file on one of those servers named Anonymous with the words We Are Legion," the letter stated.
Obviously, there's no evidence of this beyond Sony's statement, but this doesn't paint a pretty picture for the hacker organization. Sony also goes on to state that they believe the DoS attacks were planned by the same group, possibly "providing cover for a very clever thief." Whether this was an organized attack by Anonymous or individuals posturing themselves as members, is unclear.
This story is just overflowing with internet espionage now. We'll keep you posted as it develops.