Yahoo to Warn Users of State-Sponsored Attacks

Yahoo has announced it will follow in the footsteps of Twitter and Facebook and begin warning users when it believes their accounts have been targeted by a state-sponsored actor.

Bob Lord, who was hired as the company’s new CISO in October, discussed the initiative in a blog post Monday.

Lord said Yahoo will notify users only if it “strongly suspects” their account may have been targeted by a state-sponsored actor. From there it will give users a series of steps to take to verify their accounts are safe.

Those steps include default safety mechanisms Yahoo already offers, like turning on two-step verification, enabling a Yahoo account key, and maintaining a strong and unique password.

Lord stresses that the warnings won’t mean that Yahoo’s systems have been compromised, or even necessarily that the user’s account has been hacked, only that the company suspects the user has been targeted.

Yahoo is the latest company to offer such notifications. In October Facebook announced that it would begin informing users when it believes their account is either targeted by an attacker or has been compromised by a nation-state campaign.

Just last week Twitter began rolling out notifications to a handful of users, including several connected to the privacy and security industry, that their accounts may have been targeted by state-sponsored hackers. Twitter claimed that hackers, possibly associated “with a government,” were attempting to steal users’ email addresses, IP addresses and phone numbers.

Twitter did not inform users how it arrived at this conclusion, and was a little vague when it came to telling users what to do next.

“The notification was not terribly helpful. The message states that my account may have been targeted, but it does not say much about what I can or should do next,” Runa Sandvik, a privacy and security researcher who received a notification, told Threatpost last week.

Like Twitter and Facebook, Yahoo wouldn’t specify exactly how it plans to know whether an attack is state-sponsored, citing security reasons.

“In order to prevent the actors from learning our detection methods, we do not share any details publicly about these attacks,” Lord wrote. “However, rest assured we only send these notifications of suspected attacks by state-sponsored actors when we have a high degree of confidence.”

 

SOURCE: Chris Brook | threatpost.com
