Yahoo joins antistate hacking attemptions league as Facebook, and Twitter – Victorville Tech Time
April 4, 2016
Shah Sheikh (1320 articles)
Share

Yahoo joins antistate hacking attemptions league as Facebook, and Twitter – Victorville Tech Time

Search engine giant Yahoo has just joins anti-state hacking attemptions league as Facebook, and Twitter, Yahoo will caution hackers based from another country are aiming at their accounts. They will inform users for hacking attempts.

Goverment Based hacks are growing number in recent years

With a growing number of hacks, breaches, and leaks occupying media real estate, cybersecurity is more top of mind than ever for companies and customers alike. And now, in an effort to keep their users safe, Yahoo is promising to notify individuals “of attacks by suspected state-sponsored actors.” In a blog post published Monday, the Internet giant’s Chief Information Security Officer, Bob Lord, wrote, “Yahoo will now notify you if we strongly suspect that your account may have been targeted by a state-sponsored actor.”

Noting that their team holds the security and safety of users at the highest esteem, Yahoo’s new policy is meant to help Internet denizens “take appropriate measures to protect their accounts and devices in light of these sophisticated attacks.”

The alleged hackers are from China or Russia who cannot rip through corporate or government agency networks, and instead divert their attention on infiltrating an organization via the personal accounts of the employees. If the user employs similar password over their accounts (a number of studies have discovered that they do), or access job-related portals from home, the hackers can pounce on their their targets via those gateways.

Hackers were directly linked to North Korea and China for big-time breaches, such as the attacks that were dished out at Sony Pictures Entertainment and the Office of Personnel Management. Attackers attempting to crack Facebook or Yahoo accounts are not after their Christmas photos or holiday messages: They aim at people to accomplish certain goals states Tom Kellermann, chief cybersecurity officer at the Tokyo-headquartered security company Trend Micro, such as zeroing in on a corporate or government network.

Kellermann states, “If you are a Fortune 1,000 corporate official, C-level, or a senior executive in the U.S. government, or you are within one degree of separation from them — as in, you are a spouse of them, a child of them or a deputy of them — you will and have been targeted already.” People who are connected to those individuals could be targeted since a hacker could utilize account to transmit an email that is plagued with malware to the actual target.

For instance, a long-standing cyber espionage campaign dubbed as Pawn Storm has aimed at the credentials of over 12,000 U.S. and Ukrainian resident since 2014, said Trend Micro. Russian spies behind the group tried to entice Yahoo users into giving access to their accounts via a phishing scam, the security company stated in a blog post in August.

The company’s refuse to reveal how many users it has informed about state-sponsored attacks.

Al Pascual, director of fraud and security at Javelin Strategy & Research states that the industries that are most possibly to be targeted are politics, defense, financial services or critical infrastructure.

Far from pioneers in this practice, Yahoo is the latest in a series of tech companies that have dedicated teams to informing their audience’s of potential attacks. In 2012, Google implemented warnings in the form of pink bars at the top of a user’s screen, and earlier this year, Facebook activated desktop alerts for such occasions. Most recently, Twitter began sending warning emails, and as these sort of attacks become more commonplace, it seems likely that an increasing number of players in the Internet space will have to figure out a way to keep their users in the know.

Yahoo did not reveal whether any incident spurred this policy change, with Lord simply writing, “In order to prevent the actors from learning our detection methods, we do not share any details publicly about these attacks. However, rest assured we only send these notifications of suspected attacks by state-sponsored actors when we have a high degree of confidence.”

While the company has yet to divulge just how it will provide this sort of information, the security officer offered a few security tips to help users protect themselves. Lord recommends turning on “Account Key or Two-Step Verification to approve or deny sign-in notifications,” and provides guidelines for creating a strong password. Moreover, the search engine recommends that you “review your recent activity in your account settings for sessions you don’t recognize,” and has a number of suggestions that will work outside of Yahoo as well.
“Don’t fall for phishing attacks!” reads the blog post, and it also pushes for the installation of anti-virus software on your computer.

In the current advanced technological world cyber crime has become a large market wherein the delicate or personal information of the client is being poached on an immense range. Thes days, cyber security has been gaining more attention due to the expanding dependence of network systems in utmost countries. Network systems comprise a vast variety of smart accessories that include smartphones, televisions and other small devices as part of the Internet of Things. Other networks include the internet and private data networks as well as Wi-Fi, Bluetooth and other wireless networks.

The company has declined to disclose how many users till now it has informed about state-sponsored attacks. The popular social networking sites, Facebook, and Twitter had made a similar announcement in October, December respectively.

Source | Albanydailystar