Yahoo Hack record: Ex-company boss Mayer accused Russian agents

Yahoo Hack record: Ex-company boss Mayer accused Russian agents

Marissa Mayer

(Picture: AP, archive)

The Russians should have done it, said the former Yahoo chief Marissa Mayer in the US Senate to mass attack of 2014. The background of an even larger data leakage in 2013 had not yet been clarified.

The former Yahoo CEO Marissa Mayer took advantage of a hearing in the Trade Committee of the US Senate on Wednesday to sign up "at each of our users" for the massive data thefts at the Internet company in recent years "sincerely" to excuse. She explained that Russia was behind the first uncovered last year Hack of around 500 million user accounts: "We now know that Russian intelligence agents and government-backed hackers were responsible for highly complex and sophisticated attacks on Yahoo systems."

The company have worked on learning of the cyber attack closely with law enforcement agencies including the FBI, told Mayer. This it was finally able to identify the responsible intruders and locate. The US Justice Department and the FBI have raised in this regard in March indictment against four people. The documentation issued by the investigators user data made it plausible that they had been stolen in August 2013 from the servers of the company. There had been about names, email addresses, phone numbers, dates of birth, password hashes, but they were using MD5 poorly secured, as well as some non-encrypted security questions with answers.

Tests with the best hackers in the world

Mayer pointed out in her presentation that Yahoo have worked very hard to ensure the security and privacy of users. So the company has set about on end-to-end encryption with SSL and HTTPS as well as multi-factor authentication, penetration testing with the "best hackers in the world" be carried out and awarded premiums for uncovered vulnerabilities. About 2 million US dollars alone on this program in 2500 security researchers have been distributed worldwide.

The measures ranged according to Mayer though, a "bombardment" of attacks by private and state-funded hackers successfully defend. Unfortunately, it was the Russian agent but still managed "penetrate our systems and steal user privacy", The danger posed by state-sponsored attacks have changed the playing field so dramatically that even companies with the best defense could be victims of such crimes. Cyber ​​security is a "global challenge", The economy and the state would have to put together.

Unexplained greater Hack

Who is behind the even bigger theft of data from three billion user accounts in 2013, Mayer could not say on questions of senators back. For this there is no its findings. The former Hack confessed Yahoo until months after the confession of the incident in 2014. According to Mayer of the now belonging to Verizon Group was unable to reconstruct how the attackers had entered into the corporate network as well as before. Verizon's Data Protection Officer Karen Zacharia stressed that the company constantly bring its security measures up to date and be open to more stringent IT security laws.

Russian officials emphasize again and again to have nothing to do with sensational hacks in the US. Of large companies in Moscow can be heard that the skills of national hackers would often overestimated. Parallel but apply also as a kind of modern Robin Hoods who were on a force balance out.(Stefan Krempl) /(ANW)