Essay Sample in Cybersecurity: Yahoo Security Breach

Justification for Article Choice

The above article was published in the New York Times on September 22, 2016, just after Yahoo announced that its systems had been hacked two years ago. The article is relevant to this assignment because it describes one of the greatest information security breaches in recent times. What is more intriguing is the fact that the hacked company, Yahoo, is one of the greatest IT enterprises in the world. Ideally, it could be expected that Yahoo has the most efficient defense systems against cyber-attacks. Therefore, the above news article provides a perfect case study of successful information security breaches in recent times.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

As explained in the news article, about half a billion personal email accounts associated with Yahoo were hacked and confidential information compromised by what is believed to be a state-sponsored hacker. Email addresses, account holders names, birth dates, telephone numbers, security questions and passwords are some of the confidential information accessed by the hackers. While it is not clear who was answerable for this massive information security breach, it is apparent that discovery of this fraudulent activity will have far-reaching implications as extreme as the issues of cyber security and personal privacy are concerned.

Reasons for the Data Breaches

Since the data breach was discovered a few days ago, it is not yet clear what the intentions of the hackers were. In fact, investigations are still underway to determine the circumstances under which the more than half a billion email accounts were compromised successfully. Nonetheless, there are three main technical and non-technical reasons for the breaches. The first one is the desire to make political gains, which is a non-technical reason (Andress, 2014). When Yahoo reported the information breach for the first time, they suspected that the hackers looked like state-sponsored entities, lending credibility to the speculations that the hackers were advancing a political agenda. Political hackers could use the information to launch a cyber war against American entities or even the government. They could also use the information to gain further access to the United States security and information systems.

A possible technical reason for the Yahoo information security breaches is financial gains. It is the most common reason for security breaches initiated by non-state actors. The hackers could have been motivated by the prospects of making money fraudulently, with the ultimate goal of enriching themselves. For example, they could use the personal information stolen to hack into the victims bank accounts (Von Solms & Van Niekerk, 2013). This act raises the issue of identity theft. If the hackers obtained the email holders personal information, it was possible for them (hackers) to obtain bank credit and make purchases in the victims names. They could also use the personal information to blackmail individuals in the victims contact list with the intention of defrauding them. In other cases, the confidential information could be used for targeted scam advertisements.

The last reason is that the hackers were motivated by personal issues. It has been established that some hackers are motivated by the technical possibility of breaking into any security system. The thrill of carrying out a successful cyber attack and not being caught, and the potential of getting away with some useful information cause an addictive behavior in the hackers (Andress, 2014). The most common group of hackers who engage in this kind of crime is the disgruntled employees (former or current). Such employees may want to hack into their employers system as revenge for some perceived wrongs. It is unlikely that the Yahoo information compromise was steered by the companys employees, although this is possible.

Impact of Yahoo Security Breach

Although it is not yet known the extent to which the Yahoo data breach and theft of confidential information has been circulating, such breaches can have serious impacts with spillovers into peoples private lives. One major impact relates to a cyber crime technique called credential stuffing. It involves the massive automated injection of compromised usernames and passwords into websites to access accounts (Shabtai, Elovici & Rokach, 2012). Special software can make this seemingly trial-and-error crime highly successful. Credential stuffing is known to succeed 0.5-1% of the cases, meaning that hackers wielding Yahoos 500 million accounts are capable of hijacking thousands of other accounts across the internet. If that happens, it can result in serious security concerns for individuals, corporate entities, and government agencies.

Moreover, since the hackers were able to obtain information for accessing email, they could read any of the emails. The implications here is that those who had stored confidential information in their emails may have difficult times deciding whether that information had been seen by the hackers. For fear of similar data breaches in future, some people may close down their Yahoo accounts and shift to competitors services. As such, Yahoo is likely to lose millions of email subscribers who are also part of its clientele (Andress, 2014).

Since Yahoo was due to be purchased by Verizon just before the discovery of the breach, the revelation may affect the negotiations adversely. Verizon was to purchase Yahoos core business at $4.8 billion. The scale of liability brought about by the data breach could have a major impact on Yahoos new owners. Moreover, the companys shareholders are likely to be worried that the attack could lead to adverse adjustments in the transaction prices. Overall, Yahoo stands to incur a reduced market value, which may make it less competitive in the market.

Remedies

There are specific measures that Yahoo can take to prevent similar breaches of data in future. According to Andress (2014), the most important step after massive data breaches like the scale of Yahoo is to understand the cause of the problem. The companys system engineers can use forensic techniques to analyze and determine the exact nature of the attack. It has the advantage of eliminating problem reproduction and guesswork from the equation. Effective forensic analysis of system security can help Yahoo in establishing vulnerabilities that can be exploited in future.

Another important remedial action is to enlist the services of third party IT specialists to conduct incident response and gap analysis. The data breach occurred on Yahoos watch, which means that the company has vested interests in keeping its business running. Therefore, engaging the services of its IT staff may not reveal the truth regarding security lapses that led to the data breach. Therefore, the company should bring in an independent and unbiased investigator to determine what happened and how things can be turned around for a more secure information system (Shabtai, Elovici & Rokach, 2012).

Another measure is to enhance encryption capabilities to make the system difficult to be accessed by hackers. Enhanced encryption can help Yahoo keep its data private and prevent hackers from attacking its systems. The enhanced encryption method implemented should be standard based and capable of supporting both structured and unstructured data. Besides encryption, Yahoo needs to implement contextual access control. This strategy ensures secure access to the companys systems based on the identities of the users, where they are and what devices they are using.

Another remedy is to implement a policy of application auditing. This policy will help Yahoo in identifying who has accessed its systems and give alerts based on suspicious use. It is critical to the protection of Yahoos data since most applications do not provide full audit trails regarding system access (Andress, 2014). The company also needs to review its data loss prevention policy by addressing gaps in the system that led to the successful hacking. It should be complemented by policies for enforcing security in cloud-to-cloud settings because these are more vulnerable than other uses.

References

Andress, J. (2014). The basics of information security: understanding the fundamentals of InfoSec in theory and practice. new York: Syngress.

Shabtai, A., Elovici, Y., & Rokach, L. (2012). Introduction to Information Security. In A Survey of Data Leakage Detection and Prevention Solutions. Boston: Springer.

Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber security. computers & security, 38, 97-102.