The Sony hackers who perpetrated one of the biggest data breaches in history left a calling card on Sony's servers: a file called "Anonymous," containing the notorious hacking group's tag line. This is bad news for Anonymous, whose members largely want nothing to do with the hack.
Last month, hackers exposed the personal information, including credit card data, of millions of gamers by breaching Sony's PlayStation Network. In a letter sent to Congress today, Sony explained that the company had been the target of a "very carefully planned, very professional, highly sophisticated criminal cyber attack designed to steal personal and credit card information."
The letter also implicitly blamed Anonymous: Sony revealed it discovered a file on Sony Online Entertainment servers called "Anonymous" with the group's tagline, "We Are Legion." Case closed, right?
Not really: Most Anonymous members claim the group had nothing to do with this hack and have taken extraordinary steps to distance themselves from it. On the IRC servers Anonymous uses to organize its operations, channels dedicated to attacks on Sony have been systematically deleted for weeks. Even mentioning an operation against Sony can lead to a ban. And when Sony's PlayStation Network went down mysteriously last month—we now know this was when the hack was occurring—Anonymous took the unusual step of issuing a press release claiming that "for once we didn't do it."
Anonymous has come to realize that attacking Sony's PlayStation Network alienates a powerful group of potential supporters: nerds. The point was proved after Anonymous launched an unrelated attack on Sony in early April that briefly took down the PlayStation Network, in retaliation for Sony suing a kid who bypassed the Playstation 3's security systems. The attack sparked a nerd backlash which crippled Anonymous chat servers with retaliatory strikes and was generally a PR disaster.
"All the Sony kids were flooding the [Anonymous chat servers] and whining and complaining," said Gregg Housh an activist associated with Anonymous. An attack on Sony's PlayStation Network "pisses off a lot of people they want as fans not enemies." A similar concern was voiced last December when Anonymous contemplated attacking Amazon in revenge for it banning Wikileaks: One reason for not attacking was concern that the attack might anger people who were trying to do holiday shopping.
The dilemma presented by this new Sony hack shows how Anonymous' greatest asset—its amorphous, grassroots nature—can also be its greatest weakness. As news spreads that Anonymous was behind an attack on millions of gamers, there will likely be another backlash. "Pissed off that Anonymous Hacked PSN," wrote one Twitter user. Stealing millions of regular folks' credit cards is not a good look for Anonymous, the self-styled defenders of free speech.
Cries of "scapegoat" have been filling the Anonyosphere, which will no doubt argue Sony is trying to unload responsibility for its enormous screwup on Anonymous. But frankly there's almost no way Anonymous can disavow a role, especially given their past attacks on Sony: If someone claims to be Anonymous, they are Anonymous. Just as the small cadre of elite hackers who took down the security firm HBGary were Anonymous, whoever was behind the PlayStation hack can claim the Anonymous banner as well—whether "Anonymous" claims them or not.