Sony Cyberattack Arrests Made in Spain

Sony Cyberattack Arrests Made in Spain
Spanish police said Friday they arrested three members of the Anonymous hacking group who allegedly directed attacks on banks, government websites and companies including Sony.

Spain said it was the first police operation in the country dedicated to tracking down Anonymous, a decentralized group of activists who have mounted distributed denial-of-service attacks (DDOS) against businesses and organizations. The arrests were made in Barcelona, Alicante, and Valencia.

Those arrested helped direct the attacks on the websites for the Sony PlayStation Store, the bank BBVA, the Italian utility company ENEL and websites belonging to the governments of Egypt, Algeria, Libya, Iran, Chile, Colombia and New Zealand, Spanish police said. The names of those arrested were not released by police.

Targets for Anonymous have included the Scientology website and companies that cut off relations with the whistleblower WikiLeaks website, such as Visa, MasterCard, PayPal, Amazon.com and PostFinance, a Swiss financial institution.

The loose-knit group attracted followers who downloaded a tool called the Low Orbit Ion Cannon (LOIC), a simple DDOS tool to aid in the attacks. Some of the more technically adept Anonymous members used botnets, or networks of hacked computers, to carry out DDOS attacks.

In Spain, the police said Anonymous has attacked the websites of the Catalan police, and in May, the Central Electoral Board and the UGT trade union.

How The Investigation Worked

The country's Technological Investigation Brigade, part of the National Police, analyzed more than 2 million lines of chat logs as well as web pages to find those who were arrested.

The investigation started in October 2010 after Spain's Ministry of Culture came under a DDOS attack that was organized through websites and chat networks by Anonymous, police said.

During one of the raids, police found software used to create malware. The group also allegedly used sophisticated techniques to encrypt their communications, which make it difficult for police to intercept and identify. Two of those arrested did not even have their own Internet connection and instead relied on hacking other Wi-Fi networks for their activities.

In January, U.K. police arrested three teenagers and two other people for allegedly taking part in a series of denial-of-service attacks against major websites as part of Anonymous. The five males, who range in age from 15 to 26, were charged with offenses under the Computer Misuse Act of 1990.

(Leo King of Computerworld UK contributed to this report.)

Send news tips and comments to jeremy_kirk@idg.com

Subscribe to the Security Watch Newsletter

Comments