Page 23 - aruba-today-24dec-2016
P. 23
A23
TECHNOLOGY Saturday 24 december 2016
Yahoo’s mega breach shows how just how vulnerable data is
BREE FOWLER encrypt. And some, such as
AP Technology Writer Google, do so too but not
NEW YORK (AP) — The rev- in a way that would have
elation of Yahoo’s latest protected against this type
hack underscores what of hack. They also hold the
many Americans have keys to that encryption, giv-
known for years: All those ing them the access they
emails, photos and other need for advertising sales.
personal files stored online “If you take a step back, the
can easily be stolen, and 1 billion people aren’t Ya-
there’s little anyone can do hoo’s customers, they’re its
about it. product,” Grossman said.
The only saving grace is For Yahoo users, experts
that the attackers appar- say, there’s little to do ex-
ently did not exploit the cept for changing their
information for fraud. But passwords if they haven’t
their true motives remain a done so in the past three
mystery. years. And it’s tough to pro-
While there are a number tect against future hacks
of straightforward mea- at Yahoo or other compa-
sures all users should take nies that hold personal in-
to protect themselves, rela- formation.
tively few people actually Changing email providers
do. And in this case, do- In this Tuesday, July 19, 2016 file photo, a cyclist rides past a Yahoo sign at the company’s head- is, at the very least, a pain
ing so wouldn’t really have quarters in Sunnyvale, Calif. for most people. Experts
mattered. Even the most Associated Press say picking a tough pass-
scrupulous individual coun- word is a must , though they
termeasures could only lim- Some experts believe the And since most of us are able at the time of the are divided on exactly how
it the damage. record-breaking amount of dependent on big organi- hack. important it is to change it
“Yahoo users could have data stolen in the breach zations that hold our digi- One of Yahoo’s priorities frequently.
had immaculate computer announced Wednesday tal lives in their hands, in a will now need to be keep- The same password should
security and still been the also points to state-spon- broad sense that means no ing its users updated as its not be used for multiple
victim here,” said Will Ack- sored hackers in search one is safe. The hacks rep- investigation progresses, sites, and the questions and
erly, chief technology of- of a specific target, which resent yet another stumble said Jeremiah Grossman, answers needed to reset it
ficer at Virtru, a computer could be why three years for the struggling Sunny- chief of security strategy for should be unique as well.
security firm he co-found- later the data still hasn’t vale, California, company SentinelOne. While perfect security
ed after working for eight been spotted for sale on as it tries to reinvent itself. “I think that would go a doesn’t exist, no one wants
years at the National Secu- the web. And neither Ya- The breaches occurred long way to assuring users to be an easy target either.
rity Agency. hoo breach has yet been during the reign of Ya- and everybody that they’re Cybersecurity experts like
“Short of using encryption, linked to online fraud or hoo CEO Marissa Mayer, a doing the right things,” said to compare the hacker
there’s no way to keep your any specific repercussions once-lauded leader who Grossman, who worked in threat to running from a
email from being compro- for Yahoo users. has been unable to turn security at Yahoo from 1999 bear: You don’t have to be
mised in this kind of hack.” But their disclosure closely around the company in the to 2001. “The best peace the fastest runner — just not
The mega breach dis- follows U.S. intelligence four years since she arrived. of mind in cybersecurity is the slowest.
closed Wednesday ex- concerns about Russian Earlier this year, Ya- transparency.” The Yahoo breach should
posed more than a billion hacking of Democratic hoo agreed to sell its digital There’s only so much a serve as a lesson to users
user accounts, the largest emails during the presi- operations to Verizon Com- company like Yahoo can that they can’t assume that
such attack in history. The dential campaign — not munications for $4.8 billion do to protect its users with- companies, even large
company said the attack to mention recent attacks — a deal that may now be out damaging its business multi-national tech com-
happened in August 2013, on a major health insurer, a jeopardized by the hack- model, which involves sell- panies, are doing security
although Yahoo only dis- medical lab-test company ing revelations. ing advertising based on right, said John Shier, senior
covered it recently. Worse, and the government office Meanwhile, it’s clear data gleaned from its users, security adviser at Sophos.
the company’s announce- that manages millions of that Yahoo didn’t do Grossman noted. “Hopefully this is the one
ment followed a similar an- federal employees. enough to protect its users. As a result, it can’t do that wakes everybody up,
nouncement in Septem- “The lesson is clear: No or- For example, the company things like encrypt user although I doubt it will be,”
ber about a 2014 hack ganization is immune to acknowledges using MD5, data, which would make Shier said. “It’s frustrating to
that Yahoo ascribed to an compromise,” said Jeff Hill, a password-storage meth- the information useless to see this happen over and
unnamed foreign govern- director of product man- od considered by many hackers. Other companies over again when for many
ment. That breach affect- agement for cybersecu- experts to be inadequate that don’t sell advertising, years we’ve known how to
ed 500 million accounts. rity consultant Prevalent. and inferior to others avail- such as Apple, are able to better protect systems.”q
