Sony PlayStation Network Hack Sponsored by a State?

An attack on Sony PlayStation Network servers has resulted in the exposure to hackers of Sony gamers’ “name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID.”  Sony believes that it may also be possible that “profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained.”  More than 100 million accounts may have been breached.

A spokesperson for Sony announced that the hackers “used very sophisticated means to access the data, and they used sophisticated means to cover their tracks.”

As Sky News has reported regarding, hacks emanating from Chinese territory and targeting Western firms have grown incredibly common, and appear to constitute a systematic pillaging of non-Chinese firms:

Last year, cyber attacks cost Britain £27bn. The global hub for targeted attacks is China. An estimated 1.6 billion attacks are launched from the country each month.

In 2007, the director of British intelligence warned 300 British businesses that they were victims of cyber-attack emanating from Chinese territory.

Google is the most prominent victim of cyber-attacks launched from China but not known to be sponsored by the Chinese state::

 Numerous sites including YouTube, The Guardian, Facebook, Twitter, Blogger and Wikipedia have been blocked, some of them indefinitely. In addition, last June the Chinese government announced that all personal computers sold in China would need to be pre-loaded with software that could be used to censor online content. After a public outcry and pressure from companies, the proposal was later withdrawn.

Most recently, in mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China. What at first appeared to be an isolated security incident–albeit a significant one–turned out upon investigation to be something quite different.

First of all, at least twenty other large companies from a wide range of businesses–including the Internet, finance, technology, media and chemical sectors–were similarly targeted.

Second, we believe that a primary, albeit unsuccessful, goal of the attack was to access Gmail accounts surreptitiously.

Third, we discovered in our investigation that the accounts of dozens of U.S.-, China- and European-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties. I want to make clear that this happened independent of the security breach to Google, most likely via phishing scams or malware placed on the users. computers.

The attack on our corporate infrastructure and the surveillance it uncovered–as well as attempts over the past year to limit free speech on the Web even further–led us to conclude that we were no longer willing to censor our search results in China. This decision was in keeping with our pledge when we launched that we would carefully monitor conditions in China, including new laws and other restrictions on our services.

I want to stress that while we know these attacks came from China, we are not prepared to say who carried out these attacks. We do know such attacks are violations of China’s own laws and we would hope that the Chinese authorities will work with US officials to investigate this matter.

Earlier this week we stopped censoring our search services–Google Search, Google News, and Google Images–on Users visiting are now being redirected to, where we are offering uncensored search in simplified Chinese, specifically designed for users in mainland China and delivered via our servers in Hong Kong.

The Hong Kong-based Asia Times reported in 2009 that a suspicious convergence of hacks into Western technology firms and Chinese national security interests had emerged in the investigation into the mysterious Ghostnet network of zombie computers:

The operation, which the investigators named “GhostNet”, used a Trojan hidden in e-mail attachments to compromise a computer’s security and download a piece of malware called gh0st RAT (RAT standing for Remote Access Tool). Gh0stRAT allowed a remote operator both to examine files on the computer and to upload them to a gh0st RAT server. Keystrokes could also be logged – a key hacking tool for acquiring passwords – and, purportedly, the computer’s microphones and webcam could be activated and the audio and video sent to the gh0st RAT server. …

In October 2008, Citizen Lab issued a report revealing that TOM-Skype, a joint venture by Skype and an arm of Hong Kong tycoon Li Ka-shing’s empire offering encrypted voice and text messaging services inside of China, saved copies of text messages on a network of eight servers. …

The TOM-Skype affair highlights the central role played in the battle between the Chinese state and those who wish to navigate the Internet beyond its control by a unique technical feature of Internet communication: 128-bit encryption.

The Sony PlayStation Network also permits communication over the Internet using 128-bit encryption.  A coincidence?  Maybe.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: