Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Security Yahoo! Businesses Communications Government Privacy The Internet News Technology

The Yahoo Hackers Weren't State-Sponsored, Security Firm Says ( 34

itwbennett writes from a report via CSO Online: After Yahoo raised eyebrows in the security community with its claim that state-sponsored hackers were responsible for the history-making breach, security firm InfoArmor now says it has evidence to the contrary. InfoArmor claims to have acquired some of the stolen information as part of its investigation into "Group E," a team of five professional hackers-for-hire believed to be from Eastern Europe. The database that InfoArmor has contains only "millions" of accounts, but it includes the users' login IDs, hashed passwords, mobile phone numbers and zip codes, said Andrew Komarov, InfoArmor's chief intelligence officer. Earlier this week, Chase Cunningham, director of cyber operations at security provider A10 Networks, called Yahoo's claim of state-sponsored actors a convenient, if trumped up, excuse: "If I want to cover my rear end and make it seem like I have plausible deniability, I would say 'nation-state actor' in a heartbeat." "Yahoo was compromised in 2014 by a group of professional blackhats who were hired to compromise customer databases from a variety of different targeted organizations," Scottsdale, Arizona-based InfoArmor said Wednesday in a report. "The Yahoo data leak as well as the other notable exposures, opens the door to significant opportunities for cyber-espionage and targeted attacks to occur."
This discussion has been archived. No new comments can be posted.

The Yahoo Hackers Weren't State-Sponsored, Security Firm Says

Comments Filter:
  • by speedplane ( 552872 ) on Thursday September 29, 2016 @08:18PM (#52986447) Homepage
    If it's true that Yahoo had no evidence to suggest a state sponsored attack, then Marissa Meyers should issue an official apology. They are inserting themselves in geopolitics purely for their own financial gain. Sickening.
    • When Yahoo announced that they suspected they were hacked by "state-sponsored actors", my first question was "Well, how do they know?".

      They don't seem to know who did it, but they already know that the hackers were state sponsored? That seems really fishy.
      • They don't seem to know who did it, but they already know that the hackers were state sponsored? That seems really fishy.

        It definitely seemed fishy. But I gave them the benefit of the doubt simply because it is a very serious allegation, one that a sophisticated company would not throw around too quickly. There should be some form of punishment (monetary, public shaming) if it turns out to be baseless.

    • Marissa Meyers should issue an official apology.

      Good luck with that she's probably already got a bullet point on her CV (Resume for those across the pond) about how she lied about that

    • I don't think it's for financial gain. Rather an attempt to gain sympathy or to hide their incompetence.

      In the mass mindset, even if you secured your networks but were attacked by a " State " actor, then somehow it isn't your fault :|

      However, if / when it comes out that you just didn't bother to keep up to date with common security practices and all that personal data gets taken, then your company tends to look bad.

      So, just about everyone and their brother is going to claim a " State Sponsored " attack in

      • I don't think it's for financial gain. Rather an attempt to gain sympathy or to hide their incompetence.

        It's a corporation. Everything they do is for financial gain.

  • by AHuxley ( 892839 ) on Thursday September 29, 2016 @08:34PM (#52986503) Journal
    So no trace of the smart Bear, skilled Bear, deceptive Bear or deep network Bear code?
    Give the contractors time, later some ip rage, code fragment or just a timezone will be found showing Bear related entry and vast undetected plain text data flows.
    Is work day timezone data flows to some distant nation not proof? Their gov works 9 to 5 so any data moved within their timezone at that time is proof enough....
    National ip range logs at anytime over the months? Just one national ip needs to be found?
  • How would they know? (Score:4, Informative)

    by ron_ivi ( 607351 ) <.moc.secivedxelpmocpaehc. .ta. .ontods.> on Thursday September 29, 2016 @08:51PM (#52986563)
    Considering dozens of Intel agencies buy from black-hat groups ---- and they're good at buying stuff under pseudonyms ---- how would anyone know if they were state sponsored or not?
    • The only way you would know is if the state sponsoring them actually came clean and told you. I would seriously doubt even the hackers themselves would know who they are working for.
  • by Anonymous Coward

    Who says there is only one group. Quite possible multiple separate groups could have been in the network at the same time!

  • by Anonymous Coward

    Of course. 'State-sponsored attacks' have been peddled by the media long enough as a huge doomsday thing that the corporate PR people have realized that everyone will give a pass to any poor company besieged by such a massive, unstoppable attacker. Couldn't have been helped, nosireee.

    Of course state attackers *are* extremely powerful and dangerous -- but companies have already clued in that blaming them is a free pass from the public for shoddy security.

  • by erp_consultant ( 2614861 ) on Friday September 30, 2016 @12:37AM (#52987155)

    This "State Sponsored Hackers" thing is now the new "Dog ate my homework" lie. I guess it's better than, you know, telling the truth. But I suppose if she ever had to testify over it then it would be a bunch of take the 5th and "I don't recall".

"I will make no bargains with terrorist hardware." -- Peter da Silva