Yahoo hack shows data’s use for information warfare

Washington: The 2013 hack affecting a billion Yahoo users shows how seemingly innocuous bits of data gleaned from cyber attacks can be exploited for espionage and information warfare, as well as for profit.
The breach, disclosed on Wednesday, is the largest on record and comes just months after Yahoo disclosed a separate attack in 2014 affecting data from 500 million users.
On the surface, the trove of data is “a bunch of junk,” said John Dickson of the security consultancy Denim Group.
But the ability to create a searchable database with data tidbits such as birth dates and phone numbers makes it enormously valuable to hackers seeking to make a profit or engage in industrial or state espionage, he said.
“If you’re trying to research and get information about a target, you’re going to use everything you can find,” said Dickson, a former officer in the Air Force Information Warfare Center.
The Yahoo hack did not collect credit card or Social Security numbers, according to the company, leading some analysts to speculate that the goals were not financial.
“For someone using data as a weapon, this is of tremendous value,” said Steve Grobman, chief technical officer at Intel Security.
James Scott, a senior fellow at the Institute for Critical Infrastructure Technology, a cybersecurity think-tank, said that while details are still unknown, the attack could fuel disinformation campaigns by governments.
Scott noted that the data had not appeared for sale on Deep Web markets — that is, in murky corners of the web that cannot be reached by standard search engines.
“And since a significant number of victims (if any) have not reported identity theft resulting from the incident, there is a strong likelihood that the breach was not conducted for monetary gain,” Scott said.
“This could indicate that the breach was an espionage stage of an information warfare effort.”
The disclosure of the breach comes amid intense scrutiny of cybersecurity in the US election campaign and of the potential impact of hacked email accounts from people close to Democratic presidential candidate Hillary Clinton.
US officials have claimed Russia was behind the attack aimed at disrupting the election.
One of the hacks was a Gmail account of Clinton campaign chairman John Podesta. Media reports say he or an assistant was fooled by a fake email that prompted him to reveal his password.
Security analysts say such attacks are often preceded by lengthy data-gathering campaigns that might look for personal information such as a birth date or former school or university.
Yahoo said it was not clear who was behind the billion-user hack but that some evidence pointed to “the same state-sponsored actor” believed responsible for the previously disclosed cyber attack.
The security firm InfoArmor said in September that its analysis of the first breach indicated “professional” hackers stole the Yahoo data, and only later sold it to a state entity. InfoArmor said at the time that the breach “opens the door to significant opportunities for cyber espionage and targeted attacks to occur.”
Grobman said some attackers may mix real data with manipulated information to distort facts, creating further confusion and mistrust. — AFP