2011 PSN Hackers Plead Guilty, to Be Sentenced Next Month

Remember the Great PSN Outage of 2011? Four British hackers have plead guilty to the digital attack that led to a full month of network downtime. The April 2011 incident left gamers frustrated and allegedly cost Sony billions of dollars.

The four men, who range in age from 18 to 26, will be sentenced next month in the long-awaited conclusion to this saga. All four were members of Lulz Security (Lulzsec), a splinter group of hacktivist collective Anonymous.

The story began when Anonymous declared digital war on Sony in support of renowned PS3 hacker George “Geohot” Hotz with the following statement:

“Your official websites will be taken offline, including the PlayStation store.”

When Sony’s websites were taken down shortly thereafter, the obvious culprit was Anonymous. But when the PSN was taken down by hackers in April, Anonymous denied responsibility for this second attack.

Initially playing coy about the reason for the PSN outage, Sony revealed after two days of downtime that hackers were responsible. The full statement read:

“An external intrusion on our system has affected our PlayStation Network and Qriocity services. In order to conduct a thorough investigation and to verify the smooth and secure operation of our network services going forward, we turned off PlayStation Network & Qriocity services on the evening of Wednesday, April 20th. Providing quality entertainment services to our customers and partners is our utmost priority. We are doing all we can to resolve this situation quickly, and we once again thank you for your patience. We will continue to update you promptly as we have additional information to share.”

While what really happened may never be known for sure, it’s likely that someone from Anonymous who was involved in the first attack found a vulnerability in the PSN that could be exploited, and that this information ended up in the hands of the Lulzsec culprits.

The outage lasted a month, but not all gamers waited around for Sony to get its act together. The company reported that by June 29, 90 percent of PSN users were back online. There are two implications therein: first, that it took a while for Sony to rebuild its active playerbase in the fallout of the outage. Second, that it potentially lost customers altogether.

The Japanese PSN took even longer to recover — servers were only restored in Japan on July 6. Sony predicted huge losses in the wake of the attack. In a message sent to investors, Sony predicted that the PSN outage, in combination with the aftermath of March’s Tōhoku quake and subsequent tsunami, might end up costing the company $3.1 billion.

Now, justice has come calling, and the hackers will get their just deserts. Lulzsec didn’t win many fans when it chose to deliver its message in a way that rendered countless gamers unable to enjoy the console and games they paid for — and I bet they’ll find few sympathizers once their sentence is delivered next month.

What do you think? Should we sympathize with the Lulzsec hackers? Is it worth losing your service to teach a company like Sony a lesson?

Join the Conversation   

* required field

By submitting a comment here you grant GameFront a perpetual license to reproduce your words and name/web site in attribution. Inappropriate or irrelevant comments will be removed at an admin's discretion.

6 Comments on 2011 PSN Hackers Plead Guilty, to Be Sentenced Next Month

Axetwin

On April 15, 2013 at 12:34 pm

While I don’t sympathize with them, I don’t agree with their actions, I cannot deny something needed to be done. Sony was storing all of the user data on a single un-secure server with years old outdated security, in a non-encrypted format. When the IT department was asked why they allowed this to happen, they said Sony flat out refused to improve security because it wasn’t worth the expense.

Goner

On April 15, 2013 at 1:57 pm

I don’t remember the whole story about the hack of Sony , but i just think that it’s a shame that the hackers waste they talent in such petty fight when they’re so many companies who just deserve the worst,
because they’re starving peoples, they doom entire country , and maybe our children gonna live hell because , off all this corporation.But maybe i’ m wrong, maybe it was something important about breaking Sony down,sometime some war can’t be done without co lateral damage.

R.J

On April 15, 2013 at 4:45 pm

I can see why Anonymous would want to make it clear that somebody else was responsible. While Sony was the target, the attack included many, many people that had nothing to do with any policy making with the company. You aren’t going to win too many fans when Joe Schmoe can’t go online or is having to worry that his credit card information was stolen. I have no sympathy for them because I was affected by the hacking simply by virtue of having a PS3, and I don’t appreciate being targeted.

Derek

On April 15, 2013 at 7:42 pm

It used to be just military, then financial, then healthcare and education where laws mandate minimum security requirements for network and system access, database security requirements, access auditing, and so forth. Similar requirements need to be enforced for ALL companies which store any credit card information, or even sensitive information like private messages like on a dating site, or customer purchase history on e-commerce sites.

Where I work in IT we can get audited by any number of state or federal agencies at any time. If we got caught with an antiquated IPS, using low grade encryption on databases, lacking audit records for access to sensitive data, or were unable to prove we can carry out our approved DR plan for example, then we would be looking for new jobs. However industries like e-commerce, gaming, social networking, web and e-mail hosting, or many others have no such requirements and can ignore security to maintain functionality or just to simply avoid the IT costs.

It’s very disturbing that a company like Sony failed so miserably. Also, there is no way forensics would take an entire month to report what happens. Sony clearly took extra time to rebuild their network because it is a lot easier with the systems offline. Clearly they had no plan in place.

TrentMK

On April 16, 2013 at 4:07 am

Would’ve been interesting if a group without these professed “good” intentions and such public announcements had gotten ahold of the vulnerability. I know it’s a similar argument to saying ‘well Sony shouldn’t have been wearing such a skimpy outfit or been so drunk,’ but they’ve got an important responsibility to protect their customers and prevent things like this from happening, not so much to wait for it to happen then put whoever did it in prison.

Long Jonze

On April 16, 2013 at 5:16 am

What they did was wrong, yes. But Sony should be thanking their lucky stars that their astonishingly bad decryption was only breached by people who wanted to see if they could breach it and had no further agenda than that. Imagine how much worse it would have been if another group had got in with the express intention of destroying millions of accounts or changing them beyond recognition, or just spending peoples’ money to be annoying. If it took this comparatively banal attack to kick Sony into gear and get them to make their servers even remotely secure (seriously, they may as well have published user account details on their website, that’s how little security was in place at the time of the attack) then it was for a greater good. Same as Gary McKinnon, the British guy who hacked the Pentagon to look for information on UFOs, then sent a detailed letter to the government explaining how he did it revealing just how easy it really was. You can’t condone his actions, but if it took this one act to get more sensitive information secured from more dangerous sources then the US should have been thanking him instead of spending upwards of 10 years trying to get him extradited so they could more than likely subject him to some of the worst custodial conditions in the Western world because he liked aliens.

So yeah, while these people really inconvenienced a lot of people, I hope their sentencing will be fair and reflect their relatively blase motives.