Massive Cyberattacks on the Yahoo Server

Introduction

People live in the age of the information society, when computers and telecommunications systems cover all spheres of human and state life. However, humanity, having adopted telecommunications and global computer networks, did not foresee the opportunities for abuse that these technologies create. The active and widespread introduction of information technology has led to a change in the list of economic crimes. Such illegal actions include computer crimes that harm the economy of the state, its individual sectors, business activities, and the economic interests of certain groups of citizens.

Today, not only individuals but entire states can become victims of criminals operating in the virtual space. The number of crimes committed in cyberspace is growing in proportion to the number of users of computer networks, and the growth rate of crime in the global Internet is the fastest on the planet (Altheide, 2019). The security of thousands of users can be compromised by data breaches carried out by a few criminals.

The paper describes two massive cyberattacks that took place on the Yahoo server in 2013 and 2014. The situations that have occurred, the reaction of the government, and the punishment of those responsible for fraud are considered. Moreover, the damage that the attacks brought to site users and server owners is given. Recommendations are stated on how to protect yourself from attacks and avoid cybercrime in the future.

Case Description

The infamous Yahoo! hack, considered one of the largest in history, turned out to be even bigger than originally thought. According to a statement released by the company, the data breach in 2013 affected absolutely all users, which at that time numbered 3 billion (Altheide, 2019). The analysis of information about the incident was carried out by the company with the participation of external forensic experts. As a result, Yahoo! found that the hack in August 2013 affected all the accounts of the network. As a result of the incident, users’ phone numbers, dates of birth, hashed passwords, as well as questions and answers for password recovery were in the hands of attackers. According to Yahoo!, the hackers could not get access to unencrypted passwords, payment information and bank card data (Back et al., 2018). However, the company uses the MD5 algorithm to hash passwords, which is considered obsolete and unreliable. Thus, hackers easily bypassed the system and gained access to the accounts.

The company has taken all necessary steps to protect the accounts. Moreover, it asked users to change their account passwords. Yahoo! noted that during the attack, cookies were forged. A cookie is textual information that is transmitted from the server to the browser and stored on the user’s computer. The organization has disabled cookies and strengthened its security systems to make them more resistant to possible future attacks.

Due to the fact that cybercrime has so far been difficult to detect, the perpetrators have not been found. However, the United States government and the FBI initiated an investigation into a number of countries that could be involved in what happened (Back et al., 2018). Nevertheless, the evidence base turned out to be insufficient, and the cyberattack remained unsolved. The jurisdiction of the federal government over a crime is valid when the offense involves crossing state lines or is registered on federal land. Moreover, a violation of the law may be associated with a particular federal employee or may violate a specific federal law.

Cybercrime cases come before the courts under the Computer Fraud and Abuse Act. It covers several crimes committed in cyberspace and has been one of the laws most heavily used by the US federal government in recent years (Back et al., 2018). Among the main requirements for prosecution are that the computer is a secure device and that a third party, that is, a cybercriminal, has gained access to the equipment without the permission of the owner. The amendments made to the law explain that, under the definition of a protected computer, the legislation means any device connected to the Internet.

However, despite increased security following the incident, the company was attacked again. Yahoo! confirmed the fact of a hack in 2014, as a result of which hackers obtained the data of 500 million accounts. Usernames, e-mail addresses, passwords, phone numbers, as well as security questions and answers to them were stolen. Yahoo!’s Bob Lord noted that the hackers were unable to obtain information about users’ credit cards and bank accounts (Daswani & Elbayadi, 2021). According to him, the hackers acted with the support of the state.

As a result of both attacks, hackers gained access to usernames, their email addresses, phone numbers, dates of birth, and security questions and answers to recover passwords. The company believes that the data associated with bank accounts and customer cards were not affected. It is possible that the hackers obtained the hashed passwords as a result of both attacks. Yahoo hashes passwords using the MD5 algorithm, whose hashes hackers have learned to crack using brute force. The essence of the approach lies in the sequential automated enumeration of all possible combinations of characters in order to find the correct one sooner or later.
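The weakness described above, seen from the defender's side, as an added example that is not code from Yahoo or from the sources cited: it stores the same constructed passwords once as unsalted MD5 and once with a per-user salt and a slow key-derivation function, then audits both tables. The account names, passwords and the PBKDF2 iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
import time
from collections import defaultdict

# Constructed sample accounts (not real data): two users chose the same password.
USERS = {"alice": "sunshine1", "bob": "sunshine1", "carol": "T7#qv!x2Lm"}
PBKDF2_ITERATIONS = 600_000  # assumed work factor; tune to your hardware


def md5_record(password: str) -> str:
    """Legacy scheme described in the essay: one fast, unsalted MD5 pass."""
    return hashlib.md5(password.encode()).hexdigest()


def pbkdf2_record(password: str) -> tuple[bytes, bytes]:
    """Hardened scheme: random per-user salt plus a deliberately slow KDF."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, digest


def verify_pbkdf2(password: str, salt: bytes, digest: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return hmac.compare_digest(candidate, digest)


def shared_hash_groups(table: dict) -> list[list[str]]:
    """Audit a credential table: list users whose stored value is identical."""
    groups = defaultdict(list)
    for user, stored in table.items():
        groups[stored].append(user)
    return [sorted(users) for users in groups.values() if len(users) > 1]


def seconds_per_hash(fn, password: str = "guess") -> float:
    """Cost of one hash, which is also the cost of one brute-force guess."""
    start = time.perf_counter()
    fn(password)
    return time.perf_counter() - start


md5_table = {user: md5_record(pw) for user, pw in USERS.items()}
kdf_table = {user: pbkdf2_record(pw) for user, pw in USERS.items()}

if __name__ == "__main__":
    print("unsalted MD5, users sharing a hash:", shared_hash_groups(md5_table))
    print("salted PBKDF2, users sharing a hash:", shared_hash_groups(kdf_table))
    print("MD5 seconds per guess:   ", seconds_per_hash(md5_record))
    print("PBKDF2 seconds per guess:", seconds_per_hash(pbkdf2_record))
```

In the unsalted table, identical passwords are visible as identical hashes and one successful guess applies to every matching account; with a salt and a slow function, each account has to be attacked separately and each guess costs far more.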

Case Analysis

Confidential information transmitted over the Internet passes through a certain number of routers and servers before reaching its destination. Typically, routers do not monitor the information flows passing through them, but there is a possibility of intercepting information. Moreover, the information can be changed and transferred to the addressee in a different form. Unfortunately, the inner system of the Internet leaves the possibility of such actions by unscrupulous users.

Subsequently, the company’s management blamed Russian hackers, since the attacks were carried out from the territory of Russia. The fact of the attack was established only two years later, and the perpetrators were punished. The company was subjected to public criticism because it took a long time to notify users about the theft of their personal data by attackers. After this incident, many even decided to stop using Yahoo! products, which also include the photo service Flickr and the blogging platform Tumblr.

In parallel with Yahoo, an investigation was conducted by specialists from the US Department of Justice. Officials believed this happened because the high reach accounts compromised the accounts of more than 150,000 samples, law enforcement and the military of the United States and other countries (Altheide, 2019). The attacker was able to infiltrate Yahoo networks by gaining access to the user database and an account management tool called the Account Management Tool. This internal company service allows you to change some parameters of system user credentials, including passwords.

In fact, the development of scientific and technological progress associated with the introduction of modern information technologies has led to the emergence of new types of crimes, in particular, illegal interference in the operation of electronic computers, systems and computer networks, and the theft, misappropriation and extortion of computer information: a dangerous antisocial phenomenon commonly known as cybercrime. Many experts note that the use of information systems for criminal purposes can be compared, in its consequences, with the effects of weapons of mass destruction (Altheide, 2019). Therefore, cybercrime is currently seen as a rapidly growing security threat, both for individual states and for the world community as a whole. Consequently, the problem of combating cybercrime and the practice of considering cases of this category by the courts are among the first priorities.

Crimes in cyberspace have not received the proper criminal law qualification even in developed countries. Firstly, there is no precise definition of “cybercrime”, which leads to a lack of an accurate understanding of this phenomenon (Back et al., 2018). Secondly, there are problems of qualification of crimes in cyberspace. The question of attributing one or another violation of rights outside the outside world to a certain group of crimes remains open. Moreover, it is not clear how, and on what basis, the guilty person should be punished, and what sanctions will be most acceptable.

Case Implications

The massive data breach that Yahoo suffered in August 2013 affected the company’s three billion user accounts that were active at the time. This is according to a press release recently issued by Verizon, Yahoo’s parent company since it took over earlier in the year. However, the truth is that the number of victims increased over time until it reached the total. When the problem was discovered, only three years after the events, in 2016, the first figures spoke of 500 million affected accounts (Daswani & Elbayadi, 2021). Shortly thereafter, Yahoo stated that the hack affected 1,000 billion accounts, a third of the total number of accounts in existence at the time (Daswani & Elbayadi, 2021). Thanks to newly available technologies and investigative work done with the help of external forensic experts, it was established that the attack was much more serious, as all Yahoo accounts were affected in 2013.

A 23-year-old citizen of Kazakhstan and Canada was sentenced by a San Francisco court to five years in prison and a fine of $250,000 for hacking Yahoo accounts in the interests of Russian intelligence services. The young man was one of four defendants in the 2014 Yahoo cyberattack that stole data from 500 million users (Daswani & Elbayadi, 2021). Among the defendants are also two ex-FSB officers – a former senior detective and his boss. The US Department of Justice considered the hacker from Kazakhstan to be one of the hackers hired by the special services.

This hacker pleaded guilty, but stated that he was forced to cooperate with the Russian special services, CTV notes. The prosecution alleged that the FSB hired him to control dozens of email accounts through a Yahoo hack. US prosecutors are confident that the FSB targeted Russian journalists, US and Russian government officials, as well as employees of financial services and other private enterprises. The scandal over the data breach of 500,000 users affected Verizon’s purchase of Yahoo. As a result, Yahoo’s Internet business cost Verizon $350 million less: the total transaction amount was $4.48 billion instead of $4.83 billion. Thus, the company suffered severe losses, and many users were driven to abandon its services.

In addition, the attackers got another tool at their disposal that allowed them to forge cookies of certain user accounts, gaining access to these accounts without a password. The user database generates a cryptographic key for each of the accounts, and this key can be used to generate cookies associated with an account. One of the accused in the Yahoo hack is believed by the FBI to have used access to the company’s accounts for personal purposes. In particular, he analyzed the correspondence of users in order to find numbers of credit and gift cards, and redirected a certain part of Yahoo search traffic to receive a commission. In addition, the same person sold a database of 30 million compromised accounts to spammers.

The US Department of Justice has filed charges against four Russians suspected of hacking Yahoo accounts. According to representatives of the prosecution, the hackers allegedly hacked into companies and gained access to confidential information of US and Russian citizens (Hammouchi et al., 2019). The defendants are suspected, among other things, of involvement in the hacking of the Yahoo mail service (Hammouchi et al., 2019). At first, the arrested hacker did not admit his guilt in a San Francisco court, but later confessed to the crime.

Developing a risk-oriented culture and increasing the maturity of the cyber risk management function will help strengthen business resilience to cyber threats. Moreover, this may help establish transparent communication both between the board of directors and the cyber defense service, and with business partners and third parties included in the company’s digital platform (Hammouchi et al., 2019). Companies need to continually strengthen and improve their security infrastructure with modern end-to-end security solutions. Among these solutions, for example, are secure access services that can be used to collect telemetry data from network traffic and stop attacks at the perimeter and within the network. In addition, it is important to deploy an advanced threat detection and remediation system that can automatically respond to incidents on all end devices.

An effective fight against cybercrime presupposes an adequate clarification of the specifics of the reasons for its growth. In general, criminal manifestations have a single causal complex, which is based on the most profound and acute deformations in society in all its spheres and levels, from the global to the individual-personal (Setiawan et al., 2018). These are such deformations that, firstly, express the injustice of the social structure, open up scope for the arbitrariness of some subjects to the detriment of others; secondly, they infringe on the rights and freedoms of citizens, and thirdly, they lead to dehumanization and inferiority of the social status and mentality of a part of the population.

This is due to the fact that although cybercrimes are committed with the help of computers, computer systems and networks and in a virtual environment, they nevertheless go to the physical level and cause material harm (Bossler & Berenblum, 2019). This means that offenses encroach on real legal relations, affect the interests of specific people, and bring negative consequences. In this regard, the existing norms of administrative and criminal laws in force in the territory of the United States are applicable to these crimes.

Conclusion

Cybercrime and cyberterrorism are an objective consequence of the globalization of information processes and the emergence of global computer networks. With the growing use of information technology in various fields of human activity, its use for the purpose of committing crimes is also growing. The need to protect against cybercriminals is obvious. It is desirable that the problems of combating cybercrime be solved at the state level, and work should be carried out everywhere to explain how to protect against cybercriminals. Yahoo showed a disregard for the security of the personal data of its users, which it promised to protect. Online intrusions and state-backed thefts are becoming more common in the tech industry.

References

Altheide, D. L. (2019). Capitalism, hacking, and digital media. In A. Scribano, F. Timmermann Lopez, & M. Korstanje (Eds.), Neoliberalism in Multi-Disciplinary Perspective. Palgrave Macmillan, Cham.

Back, S., Soor, S., & LaPrade, J. (2018). Juvenile hackers: An empirical test of self-control theory and social bonding theory. International Journal of Cybersecurity Intelligence & Cybercrime, 1(1), 40-55.

Bossler, A. M., & Berenblum, T. (2019). Introduction: New directions in cybercrime research. Journal of Crime and Justice, 42(5), 495-499.

Daswani, N., & Elbayadi, M. (2021). The Yahoo Breaches of 2013 and 2014. Apress, Berkeley, CA.

Hammouchi, H., Cherqi, O., Mezzour, G., Ghogho, M., & El Koutbi, M. (2019). Digging deeper into data breaches: An exploratory data analysis of hacking breaches over time. Procedia Computer Science, 151, 1004-1009.

Setiawan, N., Tarigan, V. C. E., Sari, P. B., Rossanty, Y., Nasution, M. D. T. P., & Siregar, I. (2018). Impact of cybercrime in e-business and trust. International Journal of Civil Engineering and Technology, 9(7), 652-656.
