Sony May Offer Bounty for Information on Hackers

Monday, May 09, 2011



Sony Corporation is considering the option of offering a reward for information on the perpetrators of a network hack that has dominated industry headlines for weeks.

The decision to offer a bounty in relation to the security breach has not been finalized, but sources close to the investigation indicate the company is seriously considering the option.

According to an article in The New Enterprise by Arik Hesseldahl, "if Sony does decide to offer a reward, it will do so in cooperation with law enforcement agencies, including the FBI and the relevant law enforcement agencies in other countries. The discussions around the pros and cons of offering a reward are not complete and would require the sign-off of senior Sony executives in Tokyo, who have not given their go-ahead, these people say. The reward is being considered as one of many options Sony is mulling in consultation with law enforcement to try to jar loose any information on the identity of the attackers."

In late April, Sony announced that the company's PlayStation network servers had been hacked, exposing the records of more than 70 million customers. During the course of the investigation, Sony discovered that the company's Online Entertainment network had also been compromised, exposing another 25 million customer records.

The breaches forced Sony to shut down both the PSN and Online Entertainment networks, though the company expects to restore services s soon s additional security measures are in place.

Sony has since been the subject of a great deal of criticism regarding the company's delay in notifying authorities and customers of the exposure of account details.

To make matters worse, security experts e believe Sony was lax when it came to security efforts that could have prevented the unauthorized intrusion of the company's networks.

Dr. Gene Spafford offered Congressional testimony last week that Sony was running outdated and obsolete software on the PlayStation and Online Entertainment Networks, leaving the systems extremely vulnerable to attack.

Sony has since denied the allegations: “The previous network for Sony Network Entertainment International and Sony Online Entertainment used servers that were patched and updated recently, and had multiple security measures in place, including firewalls," stated Patrick Seybold, Sony’s Senior Director, Corporate Communications & Social Media.

Identifying and prosecuting those responsible for the hacking exploit would go a long way in helping Sony officials deflect some of the negative media accounts related to the breach, as well as allowing investigators to better determine the extent of the breach.

"The company hasn’t reached a final decision concerning whether it will offer a reward, and may decide not to do it at all, but the option is on the table, sources told me today. The fact that Sony is considering a reward at all speaks to how seriously it wants the person or people who carried out the attacks that have forced its gaming services offline for nearly two weeks to face prosecution," Hesseldahl wrote.

Possibly Related Articles:
Data Loss Headlines Sony hackers breach Bounty PlayStation PSN Sony Online Entertainment
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked