Yahoo Joins Facebook To Warn Users of State-Sponsored Hacks

While plenty of cyberattacks are still conducted by the stereotypical "hacker in a basement," state-sponsored hacking is also on the rise -- prompting Yahoo to become the latest tech company to offer warnings of such attacks. In a blog post earlier this week, chief information security officer Bob Lord said Yahoo will offer specific security suggestions to users who appear to be the targets of state-sponsored attacks.

Facebook made a similar pledge in October. And earlier this month, Twitter also sent its first e-mail warning to some users it suspected had been singled out by state-sponsored hackers. Google has been offering such warnings since 2012.

Foreign nation-states accounted for 8 percent of cyberthreats to organizations in 2014, with another 23 percent caused by unknown perpetrators, according to PwC's 2015 U.S. State of Cybercrime Survey. Individuals can also be targeted by state-sponsored hackers for a variety of reasons, including "eavesdropping, stealing information, and/or unmasking anonymous users," a research team told the Usenix Security Symposium last year.

Refining Detection of State Threats

Yahoo is continually working to "refine our detection and notification of state-sponsored threats," Lord said in his blog post. However, he also noted it would not publicly share the reasons for suspecting such threats "to prevent the actors from learning our detection methods."

Yahoo users who receive notifications of possible state-sponsored attacks should take a number of steps to protect their accounts, Lord said. They include enabling two-step verification or Yahoo's Account Key password-free login system; checking recent account activity and settings for suspicious signs; and using strong passwords that are not shared with other people or other accounts.

"It's important to note that if you receive one of these notifications, it does not necessarily mean that your account has been compromised," Lord added. "Rather, we strongly suspect that you may have...

Comments are closed.