Yahoo Will Notify Users of 'state-sponsored' Hacks

Uploaded on 2016-01-08 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

 

Yahoo has become the latest technology company to promise to alert its users if it thinks their accounts have been attacked by “state-sponsored actors” – hackers working on behalf of governments.

“Yahoo will now notify you if we strongly suspect that your account may have been targeted by a state-sponsored actor,” said Bob Lord, Yahoo’s chief information security officer, in a blog post announcing the change.

“We’ll provide these specific notifications so that our users can take appropriate measures to protect their accounts and devices in light of these sophisticated attacks. Our notifications provide targeted users with specific actions they can take to help ensure that their Yahoo accounts are safe and secure.”

Those actions include turning on two-step verification; changing their password to a stronger one that has never been used before; updating their account recovery information; and checking recent activity on their account.

Yahoo’s move comes two months after Facebook made a similar announcement in October, telling its users that it would notify them “if we believe your account has been targeted or compromised by an attacker suspected of working on behalf of a nation-state”.

In December, Twitter warned a number of its users that they may have been the targets of a state-sponsored attack, including several experts in information security and privacy.

Google, meanwhile, made this move in June 2012 for a subset of its users who it believed might be targets for phishing, malware or other attacks from state-sponsored “bad actors”.

By necessity, all of these companies decline to provide detailed information on the potential attackers they have identified.
“In order to prevent the actors from learning our detection methods, we do not share any details publicly about these attacks,” wrote Lord. “To protect the integrity of our methods and processes, we often won’t be able to explain how we attribute certain attacks to suspected attackers,” explained Facebook.

The likelihood of online attacks coming from state-sponsored actors has been increasingly talked about in 2015.

Richard Ledgett, deputy director of the US National Security Agency, claimed in October that “if you are connected to the Internet, you are vulnerable to determined nation-state attackers”.

Guardian: http://bit.ly/22GDix6

« Now Anonymous Declares Cyberwar On Turkey
Fighting Cybercrime As The World Goes Digital »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Qualitèsoft Technology

Qualitèsoft Technology

Qualitèsoft Technology is a leading Software Development and Quality Assurance organization. We specialize in Custom Development, Mobile Application, Software Testing and Quality Assurance.

Chubb

Chubb

Chubb is the world’s largest publicly traded property and casualty insurer. Commercial services include Cyber Risk insurance.

Atos

Atos

Atos provides a unique Cyber Security end to end solution with a data-centric and pre-emptive security approach.

Institute for Cybersecurity & Privacy (ICSP) - University of Georgia

Institute for Cybersecurity & Privacy (ICSP) - University of Georgia

The goal of ICSP is to become a state hub for cybersecurity research and education, including multidisciplinary programs and research opportunities, outreach activities, and industry partnership.

Quadron Cybersecurity Services

Quadron Cybersecurity Services

Quadron Cybersecurity Services is a specialist in digital security, data and system protection.

Cyan Securiy Group

Cyan Securiy Group

Cyan provide best-in-class cyber security solutions for mobile Internet and mobile devices that are extremely effective and highly intuitive in their use.

Cyber Defense Technologies (CDT)

Cyber Defense Technologies (CDT)

Cyber Defense Technologies provides services and turn-key solutions to secure and maintain the integrity of your organization’s systems and data against attacks.

Sotero

Sotero

Sotero is the first cloud-native, zero trust data security platform that consolidates your entire security stack into one easy-to-manage environment.

Single Point of Contact

Single Point of Contact

Single Point of Contact is a Managed IT Services provider that helps businesses to achieve a seamless and secure IT environment.

Flare Systems

Flare Systems

Flare proactively detects and remediates exposure across the clear & dark web, providing organizations with the equivalent of an automated cyber reconnaissance team.

North Green Security

North Green Security

North Green Security is a UK-based cyber security training and consultancy company.

Prembly

Prembly

Prembly are a compliance and security infrastructure company.

RealDefense

RealDefense

RealDefense develops and markets various privacy, security and optimization technologies and services for consumers and small businesses.

White Knight Labs

White Knight Labs

White Knight Labs is a cyber security consultancy that specializes in cybersecurity training.

Cloudaeris

Cloudaeris

Cloudaeris is a trusted Microsoft Partner, and we've got what it takes to make your business more efficient and agile.

PDI Technologies

PDI Technologies

PDI Technologies helps convenience retail and petroleum wholesale businesses around the globe increase efficiency and profitability by securely connecting their data and operations.