Foreign Governments May Have HACKED YAHOO
As the investigation continues into the hacking of half a million Yahoo accounts, foreign governments may be responsible for the attacks, according to an Associated Press story.
If the attacks were sponsored by a foreign government it means the motives may be for long term results instead of being a get rich scheme.
The Yahoo security breach included email addresses, passwords and birth dates. Although it’s believed that no financial information was compromised, the stolen data could help fraudsters commit financial crimes such as identification theft.
Ordinary people could also end up as victims if their personal information appears on internet sites that buy and sell stolen data. Since most people may use the same password for entry into numerous sites, a hacker could surmise that they are using the same password to access bank accounts and credit cards.
The Associate Press reports that if the cyber attacks were “state sponsored”, foreign governments could combine the stolen Yahoo files with other information to create an extensive file on United States government officials, or corporate executives of huge conglomerates.
“With state sponsored attacks it’s not just financial information that’s of value,” said Lance Hoffman co-director of the Cyberspace Security and Privacy Institute in George Washington University.
“In the long run, if the State accumulates a lot of information on you, especially if it corroborates with other sources, it can assemble a pretty good profile.”
He said governments often hack emails to spy on its citizens or dissidents. Experts claim that the 2010 hacking of Google Gmail accounts was used by the Chinese government to investigate human rights activists.
However, Yahoo still hasn’t displayed the evidence that makes Sunnyvale, California believe the attack was state sponsored. Yahoo security official Bob Lord says the company is withholding its reasons for believing China was responsible because it would mean disclosing how they investigate such attacks.
Some analysts claim State Sponsored is a “a vague term” and an easy excuse for companies to deflect blame for their own security lapses. It also implies that it’s impossible to deter hackers who are backed by foreign government resources, according to Gunther Ollman, chief security officer of the British cyber security company Vectra Networks.
Tim Erlin, senior director of security and risk strategy at the cyber security firm Tripwire, says hackers could use a “phishing” method against the personal email accounts of people who have access to valuable information. In addition to comprising government officials in important offices, the hackers could also target executives of huge international corporations, to commit corporate espionage. This would allow the governments an unfair advantage when its local companies compete for business.