yahoosunnyvaledaytime100600209orig

Yahoo mimics Facebook, Google with 'state-sponsored' attack warnings

Yahoo last week followed the lead of rivals Facebook and Google by telling users it would warn them when it believes they are in the crosshairs of state-backed cyber attackers.

"Yahoo will now notify you if we strongly suspect that your account may have been targeted by a state-sponsored actor. We'll provide these specific notifications so that our users can take appropriate measures to protect their accounts and devices in light of these sophisticated attacks," wrote Bob Lord, Yahoo's chief information officer, in a Dec. 21 post to a company blog.

Google instituted a similar warning to users of its Gmail email service in mid-2012; Facebook followed suit two months ago.

Like Google and Facebook, Yahoo declined to go into specifics about how it separates the state-sponsored wheat from the run-of-the-mill hacker chaff, and used the same reasoning for not revealing its techniques -- essentially telling users of its Yahoo Mail to trust the company. "In order to prevent the actors from learning our detection methods, we do not share any details publicly about these attacks," said Lord. "However, rest assured we only send these notifications of suspected attacks by state-sponsored actors when we have a high degree of confidence."

Traditionally, nation-backed cyber attacks have a reputation as being more sophisticated, sneakier and aimed at individuals believed to be in possession of important information, in many cases, state or commercial secrets. Security companies invariably label an attack as "state sponsored" when it rises significantly above the usual level of competence.

It's rare, however, that culpability is clear-cut -- attackers of all stripes go to great lengths to disguise their identities, locales and code source -- and hacker gangs not associated with a nation state are often indistinguishable from those backed by a government. Information, of course, has an inherent value, whether obtained by a state-backed or strictly criminal group, making the line between the two blurry at best.

Lord also did not say what triggered Yahoo's move -- a spike in such attacks or a specific incident -- making it possible that it was as much "we do this, too" as a move related to actual attacks.

Lord recommended several actions notified users can take, ranging from verifying that account recovery and email forwarding settings have not been monkeyed with to enabling two-factor authentication.

Security professionals typically suggest those same moves whenever an email or Web service user suspects that an account has been hijacked.

IDG Insider

PREVIOUS ARTICLE

« Top 10 career stories of 2015

NEXT ARTICLE

All Samsung smart TVs will be 'IoT-ready' in 2016 »
author_image
IDG News Service

The IDG News Service is the world's leading daily source of global IT news, commentary and editorial resources. The News Service distributes content to IDG's more than 300 IT publications in more than 60 countries.

  • Mail

Recommended for You

International Women's Day: We've come a long way, but there's still an awfully long way to go

Charlotte Trueman takes a diverse look at today’s tech landscape.

Trump's trade war and the FANG bubble: Good news for Latin America?

Lewis Page gets down to business across global tech

20 Red-Hot, Pre-IPO companies to watch in 2019 B2B tech - Part 1

Martin Veitch's inside track on today’s tech trends

Poll

Do you think your smartphone is making you a workaholic?