Question

In: Operations Management

(please type the answers) (system and technology 5360)case 5-1: Yahoo Wins the Gold and Silver Me......

(please type the answers) (system and technology 5360)

case 5-1: Yahoo Wins the Gold and Silver Medal for the Worst Hacks in History, case study listed below

Yahoo Wins the Gold and Silver Medal for the Worst Hacks in History!
It wasn’t until Fall 2016 that Yahoo alerted its users and the public to the first of two of the largest known breaches of user information in history that had occurred 2–3 years earlier. On September 22, 2016, Yahoo publicly disclosed that over 1 billion Yahoo account records were stolen in mid-2013. A second news release on December 15, 2016, revealed a second attack that occurred in 2014 when the account information of over 500 million Yahoo account holders was breached. The delay in reporting is partly due to the fact that Yahoo itself did not know of the breach until shortly before releasing these statements to the public. The information leaked in the attacks included e-mail accounts, telephone numbers, street addresses, unencrypted security questions and answers, but no financial information.

To add insult to injury, at the time of the first news release, Yahoo was in negotiations with mega-corporation Verizon to acquire Yahoo for $4.83 billion. After the first news release, Verizon said that the announcement could have a negative impact on their purchasing decision. The second news release caused Verizon to further review the financial implications of the two breaches and reduce its offer by $350 million.

The 2013 breach was conducted by an unknown unauthorized third party. The information stolen in the 2014 attack was sold by a “state-sponsored actor” on the Dark Web for 3 Bitcoins (approx. $1,900). The actor, who used the name “Peace,” is of Russian origin and attempted to sell data from 200 million Yahoo users online. Yahoo urged all of its users to change their passwords and security questions and to review their accounts for suspicious activity. To date, little information has been released on the 2013 breach, but more is known about the incident that occurred in 2014.

How the Second Attack was Carried Out

The data theft was similar to the way in which a typical online attack of a database is carried out. The protections used for the database containing the login and personal information were insufficient to protect against the advanced methods used by the hackers. In this case, the encryption method employed in the database was broken by the hacker. Additionally, cybercrime analyst Vitali Kremez maintains that the hacker stole the information from Yahoo slowly and methodically so as to not draw attention to the breach taking place.

Since the breach was not immediately detected, the hacker had plenty of time to leverage the information in a financially, personally, or politically beneficial manner. It is not clear if the seller is the original hacker.

Impact of the Data Breach

Since the breaches were so devastating and far-reaching to most of Yahoo’s customer base, Verizon is having second thoughts about the acquisition. Craig Silliman, general counsel to Verizon, said Verizon has “a reasonable basis” to believe that the data breach will have a significant impact on the deal proceedings and the likelihood that it will actually happen (Fiegerman, 2016). He goes on to explain that Yahoo will have to convince Verizon that the breach will not affect future processes in the company and that more security features have been and will be implemented. Also, the incidents could make the Yahoo deal worth about $200 million less than the $4.8 billion initially settled upon. In addition to the decreased value of Yahoo’s core assets, the company’s stock fell about 2% after the comments by Craig Silliman.

Justice is Served

On March 17, 2017, the U.S. Department of Justice indicted two Russian Intelligence agents and two state-sponsored hackers, Alexsey Belan and Karim Baratov, for the theft of the Yahoo user data in 2014. Belan, one of the FBI’s most notorious criminal hackers, had been previously indicted in two other cases. In the indictments it was revealed that the targets of the theft included Russian journalists, U.S. and Russian government officials, military personnel, and private-sector employees of financial, transportation, and other companies (Balakrishnan, 2017).

The obvious issue surrounding the Yahoo data breaches is Internet security. Simple username, password, and security questions simply are not enough to keep hackers at bay. UC Davis professor Hemant Bhargava notes that two-factor authentication (TFA) is successful in many other companies and that Yahoo should follow suit (Matwyshyn & Bhargava, 2016). An example of TFA would be that a user is asked to enter information such as username and password, then a mobile app generates and sends a random number code for the user to enter before being granted access to his or her account. Both the Yahoo account and the mobile app are linked to a common, secure account. This method is exceptionally popular and useful since over 50% of Web users access the Web through their mobile phones.



Question 1. Provide a detailed overview of the case study and a detailed problem statement of the case study.

Solutions

Expert Solution

System and Technology 5360: Case 5-1: Yahoo Wins the Gold and Silver Medal for the Worst Hacks in History

On September 22, 2016, Yahoo revealed a breach of user information that occurred in mid-2013. The breach was conducted by an unknown unauthorized third party. A further news release on December 15, 2016, stated that a second data theft, affecting about 500 million Yahoo account holders, happened in 2014. A Russian actor named “Peace” attempted to sell the stolen information on the Dark Web for 3 Bitcoins.

Yahoo was late to reveal this information to its users, waiting until 2016, as the company itself was unaware that the breach had occurred. Yahoo urged its users to monitor their accounts for suspicious activity and also to change their passwords and security questions.

The leaked information included users’ e-mail accounts, telephone numbers, street addresses, and unencrypted security questions and answers. Luckily, no financial information was leaked.

On March 17, 2017, the US Department of Justice indicated involvement of two Russian Intelligence agents and two state-sponsored hackers, Alexsey Belan and Karim Baratov. The targets of the theft were Russian journalists, U.S. and Russian government officials, military personnel, and private-sector employees of financial, transportation, and other companies.

The cybercrime analyst Vitali Kremez revealed that Yahoo’s data encryption was not advanced enough to stop the advanced hacking techniques. The hackers carried out the hacking process slowly and methodically to avoid drawing Yahoo’s attention to it. The slow data breach process allowed the hackers to gain maximum advantage of the information in a financially, politically, and personally beneficial manner.

Verizon was about to buy Yahoo for $4.83 billion when news of the first attack was released in 2016. As Yahoo announced the attacks one after another in 2016, it affected Verizon’s acquisition decision, and Verizon reduced its final offer by $350 million. Verizon also insisted that Yahoo promise that this kind of data breach will not happen in future and that it implement more security.

PROBLEM STATEMENT:

A simple username, password, and security questions were the only protective barriers that hackers had to breach to access Yahoo user information. These security measures were not enough to stop the advanced hacking methods used by the hackers.

Yahoo was advised to use the two-factor authentication (TFA) method, in which the Yahoo account and a mobile application are linked to a common secure account. In TFA, when a user enters a username and password, an authentication code is sent to the registered mobile number for the user to enter and verify so that the user can be granted access to the account. This is a far more secure and encrypted protection method for a user account than a mere password and security questions.

