Yahoo! Inc. Cyber Attack (Essay Sample)

Yahoo! Inc. Cyber Attack
Student’s Name
Institutional Affiliation
Yahoo! Inc. Cyber Attack
In the 21st Century, as technology and science improve, new concepts are integrated as well. Cyber Crime is one of the newly integrated ideas which did not exist about 15-20 years ago. Cyber-crimes refer to all criminal activities against computer systems. Their activities include; hacking, identity thefts, Computer systems intrusion, phishing attacks, malware, Man in the middle attacks among others. Cyber-attacks can adversely affect computer systems and thus has to be prevented at all costs (Stalling, Brown, Bauer & Bhattacharjee, 2012).
In 2014, Yahoo! Inc. suffered the most intense Cyber-attack of all times. Yahoo! Inc. is among the most extensive web services provider in the world today. The services that Yahoo! Inc. offer include communication services via Yahoo Mail and Messenger, content creation services, branding as well as advertisement services. Therefore. Yahoo! Inc. boasts over a billion users. It was considered the biggest data breach ever experienced by a big company. It was not until 2016 that Yahoo! Inc. confirmed the massive security breach. The breach saw hackers access the credentials of at least five million accounts (Trautman & Ormerod, 2016). Yahoo! Inc. stated that user information such as names, contacts, hashed passwords and password recovery questions had been compromised in the 2014 attack.
The US Federal Bureau of Investigation probed into the case until it became apparent what exactly transpired. The FBI discovered that the hack began after a phishing attack was conducted one of the workers in 2014. It just required one click of a button form the targeted employee. A hacker responsible for the attack was called Aleksey Belan and was hired by Russian agents. The hacker together with his accomplices was looking for a way to access the users’ database and a way to manipulate it. To keep himself in the Yahoo! Inc. systems, he installed a backdoor in the Yahoo server. In December 2014, he stole a copy of the database and started manipulating the data.
The User database that was stolen housed the users’ personal information, emails to recover passwords and cryptographic values unique to every account. The passwords recovery emails and cryptographic values motivated the hack. Belan and his accomplice used the two crucial sets of data to target particular users as requested by their Russian agents. Since the account management tool restricted them to access user names, the hackers used the email recovery passwords. Once they identified the accounts of the targeted users, used the cryptographic values to access cookies through a script installed in Yahoo servers. Those cookies authorized access to accounts without using a password.
The hackers were objective in their activities. Of the five hundred million accounts, they were able to generate cookies for only 6,500 accounts. The hacked user accounts belonged to high government officials and ministers. Before the investigation, Yahoo! Inc. feared that only about 26 accounts were affected. However, in late 2016, Yahoo! Inc. announced the breach and prompted its’ users to change their Yahoo passwords.
The implication of the Yahoo! Inc. breach was felt by both the users and the company itself. Firstly, Yahoo! Inc. paid a hefty fine of $35 million to the Securities and Exchange Commission (SEC) for failing to notify investors about the breach on time (Stalling, Brown, Bauer & Bhattacharjee, 2012). Atlanta, the company that contains Yahoo remains, agreed to pay the fine. Noteworthy, the SEC did not fine Yahoo for the hack, weak security algorithms or even not informing the users. SEC fined Yahoo for the lack of telling investors in good time. Investors ended up risking their finances and hence attracting negative financial impacts and legal implications. Also, Yahoo! Inc. reported that they had used over $16 million after the breach and another $5 million related to forensic investigations.
Secondly, Yahoo! Inc. suffered when selling part of the company to Verizon. Hacking destroys the image of any organization. Verizon had come to terms regarding the purchase of Yahoo, months before security experts started investigating the possible hack. Jacob Olcott, the vice president of BitSight security company, highlighted that Cybersecurity could affect the valuation of any company. For this reason, the Verizon purchase agreement was adversely affected by the Cyberattack. In light of this, Yahoo confirmed that the Stock Purchase Agreement (SPA) would be cut by $350 million (Trautman & Ormerod, 2016). Also, Verizon and Yahoo would share costs in settling cash liabilities accrued as a result of the security breaches.
Finally, Yahoo users were also affected by Yahoo! Inc. hack. Changing passwords was just the beginning of a process for many users. They had to go through other services to ensure that non shared the Yahoo passwords. Failure to that, the users had to be suspicious of every move they made online in fear of more identity theft. Yahoo data was critical as it led prints to other information such as friends and family, bank details and social media profiles.
The adverse results generated from the Yahoo! Inc. data breaches continue to show how cyber attacks affect companies by tarnishing their image, making them targets for regulatory actions and legal procedures. Several crucial lessons are