Sony hacker arrests: 5 questions

Will the arrests in Spain stop the cyberattacks? Or will they simply stir the Anonymous hornet's nest?

Arrests in Spain related to the Sony Playstation Network hacking case have computer users wondering whether the loosely organized Anonymous hacker coalition is weakened -- or merely irritated by being busted.

Officers with the Technological Investigation Brigade of the Spanish National Police arrested three people Friday as part of an investigation that began in October 2010. Using Websites and chat networks, police said, Anonymous hackers organized DDOS attacks against Spain's Ministry of Culture.

Who are These Guys?

Spanish police said the three people arrested in Barcelona, Alicante, and Valencia helped direct attacks on Websites for the Sony PlayStation Store, the bank BBVA, the Italian utility company ENEL, and the governments of Egypt, Algeria, Libya, Iran, Chile, Colombia and New Zealand. Authorities haven't released names of those arrested.

Did They Get the Right People? All of Them?

We can't know the answer to the first question, but the answer to the second is "Probably not." Anonymous and similar hacker networks have a loose, decentralized structure that attract people who enjoy the technical challenge of cybercrime or who feel obligated to bring down corporations or governments.

"Police may have found some of the hackers. But how many?" says Harvard Business School professor Benjamin Edelman. "And what stops another group from doing the same thing? For any company that has technically-capable adversaries with a bone to pick, Sony's experience is cause for concern."

"A hacktivist can be simply someone who looked at a news story," says Benjamin Wright, a Dallas attorney who teaches the law of data security and investigations for The SANS Institute. "There is a sense of political mission. Some people in the world feel very strongly about it ... It's a very, very fluid cultural phenomenon we've seen emerge. It's global and it's extremely hard to predict."

What Penalties can be Applied? Will They Go to Jail for a Long Time?

Maybe, Wright says. If prosecutors in many global jurisdictions pursue criminal charges against the hackers, "It could be possible for someone like this to be put away for quite a number of years," riding the international prison circuit from nation to nation.

According to a report in The New York Times, Spanish police confiscated at least one server that they say shows a link between the people who were arrested and various Anonymous attacks. "Forensic proof in cases like this can be challenging," Wright says, but both the law and the technology are evolving rapidly.

SANS Technology Institute President Stephen Northcutt had a more cynical view. "If they are convicted, Spain is not overly tough on computer crime, so they [could] spend about two years in prison and come out as famous security researchers," he says.

Will Hackers Leave Sony Alone?

Not likely, Edelman says. "So far hackers seem to have the upper hand. They've found a never-ending stream of weaknesses in Sony's systems, and at every turn they've been able to disrupt Sony's operations."

Sony's security shortfalls "were particularly egregious," he adds, suggesting that customers who were locked out of their accounts for weeks on end "should receive especially generous compensation."

What Should I Do Now?

Sony PSN customers -- and every other computer user -- should maintain vigilance against data and identity theft issues, Wright says. "You should always be on red alert for security issues," he says. "All of your data is subject to abuse at any time."

Join the CSO newsletter!

Error: Please check your email address.

Tags hackersplaystationfirewallsnetwork securitysecuritysony

More about etworkHarvard Business SchoolPlaystationSANS InstituteSonyTechnologyThe SANS Institute

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Lisa Greim

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts