. 24/7 Space News .
CYBER WARS
Yahoo hack shows data as tool of information warfare
By Rob Lever
Washington (AFP) Dec 15, 2016


Suspect arrested in JPMorgan, Dow Jones data theft case
New York (AFP) Dec 15, 2016 - A 32-year-old American formerly living in Moscow but wanted in the United States in connection with a massive theft of customer data from JP Morgan Chase and Dow Jones has been arrested, officials said Thursday.

Joshua Aaron was arrested Wednesday at John F. Kennedy International Airport in New York and is scheduled to appear before a US judge on Thursday.

He is accused of orchestrating major computer hacking crimes against US financial institutions, brokerage firms and financial news publishers, including the largest theft of customer data from a US financial institution.

Aaron was one of four suspects indicted in November 2015 in the scheme that compromised data from millions of customers of JPMorgan Chase and other firms.

The bank has said the hack compromised data on 76 million household customers and seven million businesses, including their names, email addresses and telephone numbers -- the largest theft of data from a US financial institution.

Other firms previously identified as victims included the Dow Jones media group and online brokers ETrade and Scottrade.

Aaron is charged on multiple counts of fraud, conspiracy and other charges related to the hack. If found guilty, he faces maximum sentences of between five to 20 years on each count.

Two Israeli alleged co-conspirators, Gery Shalon and Ziv Orenstein, were arrested in Israel in 2015 and extradited to the United States in June.

US prosecutors say their crimes netted "hundreds of millions of dollars" in illegal proceeds.

They are accused of using the stolen data to send emails in an effort to artificially pump up the prices of certain "penny" stocks -- a so-called "pump and dump" operation.

They are also accused of operating an Internet gambling scheme, an unlawful bitcoin exchange and an illicit payment processing operation for shady online pharmaceutical sellers and others.

The massive hack affecting a billion Yahoo users shows how seemingly innocuous bits of data gleaned from cyber attacks can be exploited for profit -- and potentially for espionage and information warfare.

The latest breach disclosed Wednesday is the largest on record and comes just months after Yahoo disclosed a separate breach of data from 500 million users.

On the surface, the trove of data is "a bunch of junk," says John Dickson at the security consultancy Denim Group.

But he said that the ability to create a searchable database with these tidbits of data such as birth dates and phone numbers makes it enormously valuable to hackers seeking to make a profit, or for industrial or state espionage.

"If you're trying to research and get information about a target, you're going to use everything you can find," said Dickson, a former officer in the Air Force Information Warfare Center.

The Yahoo hack did not collect credit card or social security numbers, leading some analysts to speculate that the goals were not financial.

"For someone using data as a weapon, this is of tremendous value," said Steve Grobman, chief technical officer at Intel Security.

The disclosure of the breach comes amid intense scrutiny over cybersecurity in the US election campaign and the potential impact of hacked email accounts from people close to Democratic presidential candidate Hillary Clinton.

One of the hacks was a Gmail account of Clinton campaign chairman John Podesta -- who, according to media reports, was fooled by a fake email that prompted him to reveal his password.

Security analysts say these kinds of attacks are often preceded by lengthy data-gathering campaigns that might look for personal information such as a birth date or former school or university.

Yahoo said it was not clear who was behind the billion-user hack but that some evidence pointed to "the same state-sponsored actor" believed responsible for the previously disclosed cyber attack.

The security firm InfoArmor said in September its analysis of the first breach indicated "professional" hackers stole the Yahoo data, and only later sold it to a state entity.

InfoArmor said at the time that the breach "opens the door to significant opportunities for cyber espionage and targeted attacks to occur."

- Weaponizing data -

James Scott, a senior fellow at the Institute for Critical Infrastructure Technology, a cybersecurity think tank, argues that these hacks can fuel disinformation campaigns, which are a new tool used by governments.

"Espionage and geopolitical manipulation can now be easily achieved through cyber and information warfare from any adversary," Scott said in a recent blog post.

"Now, at least China, Iran, Russia, and Venezuela have funded political propaganda campaigns that digitally weaponized information by spreading disinformation and polarizing content throughout Western nations."

Scott noted that the breaches affecting Clinton and the Democratic National Committee were "dangerous because they provide a context-less release of information to the public that breeds distrust and resentment."

Grobman said an additional concern is that attackers may mix real data with manipulated information to distort facts, creating further confusion and mistrust.

"One of the things we are concerned about is that the public is conditioned to see leaked data as legitimate, and this data can be manipulated," Grobman said.

- Hacking for profit? -

Some analysts argue that the hackers' goals may be more financial than political.

Security researcher Graham Cluley said certain bits of information such as phone numbers could be of value to criminals.

"If a hacker or scammer has your telephone number, they can ring you up and trick you into believing they are an organization you already have a relationship with, which means that you might be tempted to hand over more personal information," Cluley said in a YouTube posting.

James Lewis, a senior fellow specializing in cybersecurity at the Center for Strategic and International Studies, said new analytics tools can sift through databases for political espionage purposes, but that it is not clear if Russia has those capabilities.

"If you're a criminal, you would think you could monetize a billion accounts," Lewis said. "Even if you got a penny or a dime for each, you would still be making a lot of money."

The attacks also pose a new threat to the future of Yahoo, the former internet star which has seen its fortunes decline and is in the process of selling its main assets to telecom group Verizon.

Dickson that it's likely that "Verizon is doing a double take" on the $4.8 billion deal.

"If this kills that deal, I think it will increase the focus on cybersecurity hygiene across the board," he said.


Comment on this article using your Disqus, Facebook, Google or Twitter login.


Thanks for being here;
We need your help. The SpaceDaily news network continues to grow but revenues have never been harder to maintain.

With the rise of Ad Blockers, and Facebook - our traditional revenue sources via quality network advertising continues to decline. And unlike so many other news sites, we don't have a paywall - with those annoying usernames and passwords.

Our news coverage takes time and effort to publish 365 days a year.

If you find our news sites informative and useful then please consider becoming a regular supporter or for now make a one off contribution.
SpaceDaily Contributor
$5 Billed Once


credit card or paypal
SpaceDaily Monthly Supporter
$5 Billed Monthly


paypal only


.


Related Links
Cyberwar - Internet Security News - Systems and Policy Issues






Share this article via these popular social media networks
del.icio.usdel.icio.us DiggDigg RedditReddit GoogleGoogle

Previous Report
CYBER WARS
Yahoo reveals new hack, this time a billion-plus users
Washington (AFP) Dec 15, 2016
Yahoo said Wednesday personal data from over a billion users was stolen in a hack dating back to 2013 - twice as big as another breach disclosed just three months ago. In a huge blow to the struggling internet pioneer, Yahoo said it made the discovery as it was investigating what was already the largest data breach of a single company. "Yahoo believes an unauthorized third party, in Au ... read more


CYBER WARS
Trump sits down with tech execs, including critics

Bill Gates urges Trump to inspire Americans like JFK did

ESA to supply Service Module for first crewed Orion mission

American space legend John Glenn dead at 95

CYBER WARS
China develops non-toxic propellant for orbiting satellites

Allegations Rocket Engine Failure Behind Progress Spacecraft Crash Incorrect

United Launch Alliance Successfully Launches WGS-8 Mission for the U.S. Air Force

ULA launches eighth Wideband Global SATCOM satellite

CYBER WARS
ExoMars orbiter images Phobos

Mars One puts back planned colonisation of Red Planet

Opportunity team plot path forward to the 'Gully'

Curiosity Rover Team Examining New Drill Hiatus

CYBER WARS
Chinese missile giant seeks 20% of a satellite market

China-made satellites in high demand

Space exploration plans unveiled

China launches 4th data relay satellite

CYBER WARS
UAE launches national space policy

Air New Zealand signs contract for Inmarsat's GX Aviation

European ministers ready ESA for a United Space in Europe in the era of Space 4.0

Nordic entrepreneurial spirit boosted by space

CYBER WARS
Velodyne LiDAR makes breakthrough for tiny, low cost solid-state LiDAR sensors

Supercomputer simulation reveals 2-D glass can go infinitely soft

Decoding cement's shape promises greener concrete

Japan launches 'space junk' collector

CYBER WARS
Scientists examine bacterium found 1,000 feet underground

Meta musings on the origins of life

ALMA measures size of seeds of planets

New telescope chip offers clear view of alien planets

CYBER WARS
Juno Mission Prepares for December 11 Jupiter Flyby

New Perspective on How Pluto's "Icy Heart" Came to Be

New analysis adds to support for a subsurface ocean on Pluto

Pluto follows its cold, cold heart









The content herein, unless otherwise known to be public domain, are Copyright 1995-2024 - Space Media Network. All websites are published in Australia and are solely subject to Australian law and governed by Fair Use principals for news reporting and research purposes. AFP, UPI and IANS news wire stories are copyright Agence France-Presse, United Press International and Indo-Asia News Service. ESA news reports are copyright European Space Agency. All NASA sourced material is public domain. Additional copyrights may apply in whole or part to other bona fide parties. All articles labeled "by Staff Writers" include reports supplied to Space Media Network by industry news wires, PR agencies, corporate press officers and the like. Such articles are individually curated and edited by Space Media Network staff on the basis of the report's information value to our industry and professional readership. Advertising does not imply endorsement, agreement or approval of any opinions, statements or information provided by Space Media Network on any Web page published or hosted by Space Media Network. General Data Protection Regulation (GDPR) Statement Our advertisers use various cookies and the like to deliver the best ad banner available at one time. All network advertising suppliers have GDPR policies (Legitimate Interest) that conform with EU regulations for data collection. By using our websites you consent to cookie based advertising. If you do not agree with this then you must stop using the websites from May 25, 2018. Privacy Statement. Additional information can be found here at About Us.