Who would want access to 1 billion Yahoo accounts? - Action News
Home WebMail Tuesday, November 26, 2024, 08:00 AM | Calgary | -17.5°C | Regions Advertise Login | Our platform is in maintenance mode. Some URLs may not be available. |
Science

Who would want access to 1 billion Yahoo accounts?

What will happen or has already happened to Yahoo's one billion compromised accounts will depend on who has control of the data: a foreign government or an independent attacker.

Unclear whether a foreign government or independent attacker was behind the breach

It's unclear whether a foreign government or independent attacker was behind the most recent Yahoo breach. (Paul Sakuima/Associated Press)

The tech company Yahoo hasrevealed that an "unauthorized third-party" managed to steal account data for more than a billion of its users. Now, the question on everyone's mind is not merely who,but why?

Unlike other high-profile breaches affectingservices such as LinkedIn, MySpaceand Ashley Madison, it does not appear that the stolenYahoo data has been widely shared or publicized online. Rather, the intrusion which Yahoo says occurred in August 2013 remained undetected for over three years, until law enforcement brought the matter to Yahoo's attention last month.

It suggests that that whoever stole the company's data may not have been motivated by a quick chance at profit or, chose tousethe data more discreetly if they were they were after profit at all.

In September, Yahoo announced a separate but related incident in which theaccount data of 500 million users was also stolen, and attributed the attack to a "state-sponsored actor" a now-common cybersecurity euphemism for either a foreign government or a group acting on a government's behalf.

But in this newly discovered hack, it's not clear who accessed the massive trove of user information which included names,emailaddresses, phone numbers and secured passwords, but not financial data or how the hackerinfiltrated Yahoo's systems.

If this most recent attack is also state-sponsored, says Albert Gidari, the director of Privacy at the Stanford Center for Internet and Society, "it's government espionage that's really at issue."

Gidari says the size of the breach fits the profile of a government actor, which is typically motivated by an interest in collecting "large volumes of data that gets warehoused for future reference."

"Governments collect because they have voracious appetites for data," Gidari explained. "And they don't have storage limitations, and they're not driven by the economics of commercialism when they act on this stuff. So they may find many uses for it down the road."

Profit potential

Government actors aside, the sheer breadth and depth of the stolen data suggests it could have other uses, depending on who has control of the trove.

While some attackers have been known to quickly sell or share the stolen data for others to use,massive datasets of user information can potentiallybe morevaluable to sophisticated or savvy hackers if kept secret long term.

"Depending on who's got it, you might want to, rather than sell it, extract information out of [the accounts], and sell that information, rather than give up the fact that you've got all that information," says Marcus Thomas, who was the FBI's assistant director of operational technology until 2011, and is now the chief technology officer of Subsentio, a provider of legally authorized surveillance services to law enforcement in the U.S.

Bloomberg, for example, reported that the breach included more than 150,000 addresses linked with U.S. government and military personnel,based on an analysis of previously released dataof stolen Yahoo email addresses, which have been specifically targeted in the past by independent hacking groups and governments alike.

"It's really a trove for any government to obtain this kind of volume," Gidari said and if that's the case,"the repercussions from it are not going to be immediately visible."