Blog del CCI

lunes, 3 de octubre de 2016

Names, Peace and other terms

Two stories have drawn our attention these days. More specifically, two names associated to those two stories. For sure, you are pretty familiar with one of them: Yahoo! Inc.; while, very probably, the other will say you nothing: Coburn.


Let’s start with Yahoo! It and its president & CEO, Marissa Mayer, had been in the headlines during the last weeks/months. No, not because of the hack! Let’s talk about the hack in a second. They were in the headlines because of the deal with the American telco Verizon, which, on July, 23rd, decided to pay $4,8 Bn for the former. And yes, then came the hack story.

Just a week and a half ago, on September, 22nd, Yahoo itself released a note to its users notifying that “A recent investigation by Yahoo! Inc. (NASDAQ:YHOO) has confirmed that a copy of certain user account information was stolen from the company’s network …”. The issue had started on August, 1st (one week after the Verizon deal), when a guy, nicknamed “Peace”, was detected selling hundreds of millions of Yahoo users’ credentials in the Dark Web.

In the same note of 9/22, Yahoo recognized that “information associated with at least 500 million user accounts was stolen” which made it the biggest data breach in History. (BTW, now it is being said that the number of stolen records could be in the order of the billion).

But the worst thing of the story was that Yahoo also recognized that the data had been “stolen from the company’s network in late 2014”. Almost two years earlier!

All this poses some questions as: “Was there an attempt to disturb the Yahoo-Verizon deal, or was the economic interest the only motivation for the hack?” ("Peace" sold 200 million records by only 3 Bitcoins  -i.e., $1,800-). Moreover, “what about the fact that Yahoo disclosed the leak two years after it happened?”. "Could it be seen as a case of unethical behavior in an attempt, by Yahoo, of preventing any damage on its deal?


Regarding ethics, Gordon Coburn is our second name today. It has been a while since our last reference to beheaded Presidents/CEOs. This week the terms “president”, “technology” and “resigned” have merged around Mr. Coburn, the company he was head of until now  -Cognizant Technology Solutions-  and bad corporate decisions. This time not due to a digital glitch or hack, but to bad  -i.e., unethical-  labor practices.


While corporate behavior gets the ethical lane again, let us continue exploring how to approach digital forensics in an industrial automation environment  -the CCI way-  (an exercise  -forensics-  that could result of benefit for Yahoo, right now-); let us revisit other cyber milestones as relevant as the Yahoo one, happened in recent years; let us try the new release of CSET; let us understand the perils of operating control systems in hazardous locations; and let us dive deeper into the Big Data sea that network monitoring opens before us.

Deepen these and other topics in our weekly "Newsletter". Subscribe here and enjoy reading!

No hay comentarios :

Publicar un comentario