Subscribe free to our newsletters via your
. 24/7 Space News .

Subscribe free to our newsletters via your

Cyber warriors see politics muddying security efforts
San Francisco (AFP) Feb 16, 2017

Yahoo notifies users of sophisticated breach methods
San Francisco (AFP) Feb 15, 2017 - Yahoo said Wednesday it was notifying some users that hackers may have been able to use a maneuver to break into their accounts without stealing passwords.

The latest notifications were in response to the record breach disclosed late last year affecting an estimated one billion users -- which involved forging of "cookies" or files used to authenticate users when they log into their accounts.

The notification indicates the investigation into the attacks are in the final stage, according to a source familiar with the matter, noting that messages had been sent to "a reasonably final list" of Yahoo users.

A Yahoo spokesman said the company was notifying all potentially affected users and that it had "invalidated" the forged cookies.

"As we have previously disclosed, our outside forensic experts have been investigating the creation of forged cookies that could have enabled an intruder to access our users' accounts without a password," the company said in a statement.

"The investigation has identified user accounts for which we believe forged cookies were taken or used."

Yahoo announced in September that hackers in 2014 stole personal data from more than 500 million of its user accounts. It admitted another cyber attack in December, this one dating from 2013, affecting more than a billion users.

The data breaches have been a major embarrassment for a former internet leader that is in the process of selling its core operations to telecom giant Verizon for $4.8 billion.

Some reports Wednesday said the two companies had agreed to discount the price by $250 million to $300 million following disclosure of the attacks.

Neither Yahoo nor Verizon commented on the reports.

Yahoo is selling its main operating business as a way to separate that from its more valuable stake in Chinese internet giant Alibaba.

The share-tending entity, to be renamed Altaba, Inc., will act as an investment company.

President Donald Trump has vowed to improve cyber attack defense, but security experts meeting this week say a fractious domestic and international political landscape could hamstring efforts to improve internet security.

As the White House mulls an executive order on cybersecurity to combat an epidemic of data breaches and hacks, participants at the annual RSA Conference voiced concern that dwindling political unity will challenge efforts to improve defense.

"The core of the problem hasn't changed; defenders have to win every time whereas attackers only have to win once," Forrester Research vice president and group director Laura Koetzle told AFP, while discussing the current state of online threats.

"What is different now is that the geopolitical situation is more unstable than it has been in quite a while."

Anti-globalization rhetoric that has been inflamed by Trump's rise and the United Kingdom's Brexit have shaken faith in the "globally interconnected world order" -- seen as upholding rules and agreements to peacefully resolve online and real-world differences between nations.

If alliances for thwarting online assaults weaken, Koetzle said, "greater testing from Russia, North Korea, China" and others can be expected, as countries test how far limits can be pushed.

The issue of cyber defense was brought to the forefront after US intelligence officials concluded Russia had carried out a series of attacks aimed at disrupting the election, possibly helping Trump's campaign.

And an unprecedented series of breaches that have compromised data on millions of US government employees, internet giants such as Yahoo and large companies like Sony Pictures present additional challenges to the administration.

- 'Digital Geneva Convention' -

Microsoft chief legal officer Brad Smith used the RSA stage to call for a "Digital Geneva Convention" that would set lines that should not be crossed in cyber war, with an independent oversight body to identify offenders.

"Just as the Fourth Geneva Convention has long protected civilians in times of war, we now need a Digital Geneva Convention that will commit governments to protecting civilians from nation-state attacks in times of peace," Smith said during a keynote presentation.

While addressing RSA attendees, Representative Michael McCaul, a Texas Republican who heads the House Committee on Homeland Security, was among those warning of looming cyber threats.

"There is no doubt in my mind that the Russian government tried to undermine our elections," McCaul said.

"Cyber intrusion has the potential to change the very fabric of our democracy."

Sameer Bhalotra, co-chair of a task force formed to advise Trump at the Center for Strategic and International Studies, said the country needs an agency that investigates cyber attacks.

He said the administration's stance on reducing regulation could speed the adoption of national computer security standards, because there would be less worry about being tethered by rules.

- Technology and trust -

Cyber policy task force co-chair Karen Evans had advised the administration to consider data as belonging to the user -- an approach that could bolster arguments against weakening encryption or building in back doors to access people's data.

The task force also strongly advocated bulking cyber defenses and ramping up the cost of attacks to discouraging levels, while urging the government to rely on the private sector.

Trump had been expected to release an executive order focused on cyber security early this week, but it was unclear Wednesday when it might land.

Recommendations from the task force included a few radical ideas, such as befriending hackers and promoting "bug bounties" to reward those who discover system vulnerabilities, said Nico Sell, co-founder of encrypted messaging service Wickr.

"If the administration expects an improvement in how we deal with cyber incidents, they will have to figure out how to foster trust -- especially in this charged environment," Koetzle said.

"The poisoning of politics fosters a tendency of not collaborating with institutions, and that is when things break down; especially in cyber security."

Comment on this article using your Disqus, Facebook, Google or Twitter login.

Thanks for being here;
We need your help. The SpaceDaily news network continues to grow but revenues have never been harder to maintain.

With the rise of Ad Blockers, and Facebook - our traditional revenue sources via quality network advertising continues to decline. And unlike so many other news sites, we don't have a paywall - with those annoying usernames and passwords.

Our news coverage takes time and effort to publish 365 days a year.

If you find our news sites informative and useful then please consider becoming a regular supporter or for now make a one off contribution.

SpaceDaily Contributor
$5 Billed Once

credit card or paypal
SpaceDaily Monthly Supporter
$5 Billed Monthly

paypal only


Related Links
Cyberwar - Internet Security News - Systems and Policy Issues

Share this article via these popular social media networks DiggDigg RedditReddit GoogleGoogle

Previous Report
Senators launch query on Trump's smartphone security
Washington (AFP) Feb 14, 2017
Two US senators have requested details on President Donald Trump's smartphone security, saying he could jeopardize national secrets if he is still using his old handset, as some reports say. "Did Trump receive a secured, encrypted smartphone for his personal use on or before Jan. 20? If so, is he using it?," said a tweet Tuesday by Senator Tom Carper, who along with fellow Democrat Claire Mc ... read more

Progress Underway for First Commercial Airlock on Space Station

A new recruit for ESA's astronaut corps

The Outer Space Treaty has been remarkably successful - but is it fit for the modern age?

Full Braking at Alpha Centauri

Russian Space Agency Develops Program to Improve Carrier Rocket Assembly Quality

India to launch record 104 satellites next week

Commercial Launch of Proton-M Carrier Rocket Planned For Early April - Roscosmos

ISRO tests C25 Cryogenic Upper Stage of GSLV MkIII

Mars Reconnaissance Orbiter plays crucial role in search for landing sites

Swirling spirals at the north pole of Mars

UAE Aims to Launch Its First Ever Mars Mission in 2020

Opportunity Takes Advantage of her Location to do a Mini Science Campaign

China looks to Mars, Jupiter exploration

China's first cargo spacecraft to leave factory

China launches commercial rocket mission Kuaizhou-1A

China Space Plan to Develop "Strength and Size"

Why it's time for Australia to launch its own space agency

NASA seeks partnerships with US companies to advance commercial space technologies

An exciting year in space for Intelsat

Iridium Adds Eighth Launch with SpaceX for Satellite Rideshare

New high-performance computing cluster at the Albert Einstein Institute in Potsdam

Orbit Logic Software to be used for BridgeSat Laser Comm Scheduling

A new sensitive and stable self-powered photodetector

New material that contracts when heated holds great industrial potential

Possibility of Silicon-Based Life Grows

Santa Fe Institute researchers look for life's lower limits

Dedicated Planet Imager Opens Its Eyes to Other Worlds

New planet imager delivers first science at Keck

NASA receives science report on Europa lander concept

New Horizons Refines Course for Next Flyby

It's Never 'Groundhog Day' at Jupiter

Public to Choose Jupiter Picture Sites for NASA Juno

Memory Foam Mattress Review
Newsletters :: SpaceDaily :: SpaceWar :: TerraDaily :: Energy Daily
XML Feeds :: Space News :: Earth News :: War News :: Solar Energy News

The content herein, unless otherwise known to be public domain, are Copyright 1995-2017 - Space Media Network. All websites are published in Australia and are solely subject to Australian law and governed by Fair Use principals for news reporting and research purposes. AFP, UPI and IANS news wire stories are copyright Agence France-Presse, United Press International and Indo-Asia News Service. ESA news reports are copyright European Space Agency. All NASA sourced material is public domain. Additional copyrights may apply in whole or part to other bona fide parties. All articles labeled "by Staff Writers" include reports supplied to Space Media Network by industry news wires, PR agencies, corporate press officers and the like. Such articles are individually curated and edited by Space Media Network staff on the basis of the report's information value to our industry and professional readership. Advertising does not imply endorsement, agreement or approval of any opinions, statements or information provided by Space Media Network on any Web page published or hosted by Space Media Network. Privacy Statement