When you think of terrorism, many images will come to mind. We associate it with terrific damage, large-scale loss of life, and scenes of tragedy and destruction. It’s a tool utilized by the cowardly to strike fear into populations they seek to influence. It’s a threat all too real in our modern world. It’s not something we typically joke about, nor is it something most sane people would wish to associate themselves with. But that’s just what one group wish to do following a series of attacks on some of gaming’s biggest names.
This past Sunday, Sony reported that the PlayStation Network (PSN), which supports multiplayer gaming and the purchase of games, apps, films and TV shows on its PS3, PS4 and PS Vita consoles, was forced offline in an attack by cyber criminals. John Smedley, President of Sony Online Entertainment, tweeted that a “large scale DDoS” attack was being fought by Sony employees, which resulted in disruption to the PSN and its services. DDoS, or distributed denial-of-service, attacks involve a group of computers specifically targeting an online service, saturating the service with external requests from the computers targeting it. The service is unable to cope with the sudden increase of traffic, or responds too slowly to work properly given the saturation of requests it is receiving, and thus is rendered inoperable for normal users.
DDoS attacks are considered some of the most unsophisticated in the world of hacking, requiring limited technical knowledge to accomplish. Sony is no stranger to hacking, as three years ago it was the subject of a massive “external intrusion” (i.e. hack) that led to the PSN being offline for three weeks and the personal details of 77 million PlayStation Network users being stolen by the hackers. It was, and remains, one of the largest data security breaches in history, with Sony later fined in the United Kingdom for putting its users’ personal and financial data at risk with its relatively lax security. A DDoS attack, in comparison, is a relatively mild affair.
However, the circumstances surrounding the attack are what have drawn the most attention from the media and law enforcement. Four hours after Smedley tweeted about the DDoS attack, he notified followers that he was “Going offline for 3 hours… Flying back to SD.” Then, three hours later, he tweeted again, this time with a more troublesome message: “Awesome. Flight diverted to Phoenix for security reasons.”
After another three hours, and mentions of problems with security and the plane’s cargo, Smedley tweeted for the final time that day, stating, “Yes. My plane was diverted. Not going to discuss more than that. Justice will find these guys.” The “guys” in question are a group known as Lizard Squad, who sent a tweet to American Airlines asking them to investigate the flight Smedley was on, as they had “been receiving reports that [it] has explosives on-board,” adding “please look into this.”
The threat was a hoax. No explosives were found on board and the passengers of the flight, including the Sony executive, were allowed to disembark and continue their travels from Phoenix. As media outlets looked into the group responsible for causing American Airlines to divert the flight, it became clear that Lizard Squad were claiming responsibility not only for the Sony attack earlier in the day, but also attacks on other gaming services that weekend, including ones on Microsoft’s Xbox Live service and Activision Blizzard. Microsoft declined to comment on the disruption, stating that Xbox One owners had experienced “server unavailability issues,” while Activision Blizzard’s Battle.net game services confirmed a DDoS attack and stated they were working to “improve the situation and currently are seeing more stability.” On Sony’s front, Sid Shuman, PlayStation’s senior manager for social media, blogged that they had “seen no evidence of any intrusion to the network and no evidence of any unauthorized access to users’ personal information.”
If the point of the attacks wasn’t to steal personal information – as had been the case with Sony back in 2011 – why were Lizard Squad claiming to have started the DDoS attacks? Further confusion was caused by a series of tweets claiming links to ISIS, or Islamic State, the group responsible for the horrific slaughter of thousands of men, women and children in Iraq and Syria and the murder of journalist James Foley, which captured the world’s attention last week. One tweet carried a photo of the ISIS black flag, stating “Today we planted the ISIS flag on @Sony’s servers.” Another attempted to clarify the reason for the attacks: “Kuffar [a slur used to reference non-believers] don’t get to play videogames until bombing of the ISIL stops.” Lizard Squad were painting themselves as an extension or support wing of Islamic State – and the threat is serious enough that the FBI has launched an investigation into the bomb threat and DDoS attacks.
Of course, there’s one element that many media outlets have failed to consider: that of the Internet troll. Trolling on the Internet has existed almost as long as the Internet itself, whereby certain users seek to spoil the fun of others by deliberately misusing it or attacking others for attention, or even just for fun. Lizard Squad’s first tweet occurred on August 18, stating “League of Legends NA #offline.” Any reference to ISIS or ISIL or any extremist agenda was absent until a few days later during the Sony attacks – up until then, it justified its attacks on various other games, including popular online RPG Runescape, because “Multi-million dollar companies aren’t spending your money to ensure your game has good service.” If that sounds familiar, it’s because it’s the same language used by Anonymous and various other hacking groups in their justification for targeting large companies. Indeed, an Anonymous hacker has also claimed responsibility for the recent attacks on several high profile titles, and none have been able to prove definitively that they were the original instigators, the BBC reports.
Of course, this raises the question as to why the owner or owners of the Lizard Squad Twitter account are deliberately baiting authorities with references to extremist groups and committing felony acts such as falsely reporting a bomb on John Smedley’s plane. The relative anonymity of the Internet only stretches so far, and if Lizard Squad exists just to troll people, it has caused real-world danger with its bomb scare. In the days following the DDoS attacks, the account has repeatedly tweeted that they are beyond prosecution. “You think I’m scared of the FBI?” or some variation is a common statement. Smedley himself dismisses the group as lacking any real threat, tweeting after the bomb scare that he wished news outlets “would stop letting these DDoS trolls’ occasional use of the ISIS crap be taken seriously,” later adding “those ISIS guys are pure evil and shouldn’t be conflated with trolls.”
While it was correct for American Airlines to take the bomb threat seriously – after all, it would be unwise to mistake a troll for the real deal – there is definitely a lesson to be learned in all of this. Why, in 2014, are some of the biggest names in online gaming, which handle millions of gamers and billions of transactions, able to be brought down by a simple DDoS attack? Given Sony faced months of embarrassment in the wake of its last hacking scandal, why has it left itself open to the crudest form of digital interruption? As one of the hackers who claimed responsibility for this latest attack stated in a video – now removed – on YouTube, “You apparently didn’t solve a thing when you went down for a month. I hope you think twice next time.” If a troll can bring down a global service with relative ease, that’s the part of this story on which we should all be focusing.
Image Credit: Todd Franson