Two Russian Spies Charged for Massive Yahoo Breach
In late 2016, I wrote a brief post about how one billion Yahoo accounts were hacked. Last December Yahoo revealed that it suffered a security breach back in 2013 that compromised more than one billion accounts. This, however, is different than the breach that occurred in September of 2014 where over 500 million user accounts had been hacked. These two attacks are the largest breaches of one company’s computer network.
Last week, the US government charged two Russian spies and two criminal hackers. All four were involved with the 2014 Yahoo hack that compromised about 500 million Yahoo user accounts.
In this hack they managed to get a hold of a secret directory that contained Yahoo usernames, encrypted passwords, security questions and answers, and other important information. Then the hackers used this sensitive data to ‘fool’ Yahoo servers into thinking the bad guys’ web browsers were already logged into Yahoo’s online services. This technique is called cookie stealing.
A cookie is a small piece of data sent from a website and stored on the user's computer by the user's browser while the user is browsing. Most websites allow users to choose to stay logged in for up to 30 days before the cookie expires. If the user's cookie hasn't expired, they don't ever need to enter a password to log in which results in the full access to that account. Using this method, the hackers broke into 6,500 targeted accounts, including those of Russian journalists and politicians.
With many dangers, it’s imperative that your people understand the importance of creating a culture of security. If you feel as though your business does not have a strong security posture, then it’s time for a conversation with our experts.