This Week: Verizon and Turkey React To Stolen Data

Next: Announcing our Partnership with Mandiant, a FireEye Company...
Previous: This Week: Weebly, Indian Banks, and CyberMaryland
Should have used a password manager.
October 14, 2016

The Terbium Analyst Team is on the front-line of combatting dark web myths and legends. Whether it's a threat report, white paper, or blog post, the Analyst Team's job is to know things and speak intelligently about them. Other interests include weightlifting, chocolate, and accumulating obscure dark web trivia to amuse and confuse our co-workers.

This week, we saw two vastly different responses to stolen data. Verizon, a potential buyer for the tech giant Yahoo, is requesting a billion-dollar discount on their acquisition following a breach that affected 500 million users. Meanwhile, the Turkish government shut down Dropbox, Google Drive, Microsoft OneDrive, and Github to prevent the spread of leaked government emails, showing just how threatened states can feel by exposed data.

1 Billion Reasons for Transparency

A few weeks ago, Yahoo confirmed a hack from 2014 that compromised 500 million user accounts. The alarming revelation triggered a deeper look into Yahoo’s business, which in turn exposed Yahoo’s custom-built software to scan the content of users’ emails for intelligence and law enforcement agencies. Yahoo failed to disclose the effort in any of their scheduled transparency reports, which are supposed to document government requests for user data. Following the continued onslaught of bad press, Verizon is reportedly seeking a $1 billion discount on the deal to buy Yahoo, citing diminished value.

Failing to act immediately after a breach can tarnish a company’s brand. If an organization knows of a breach and does not inform the public about the problem, the public becomes leery that the company may be hiding more information. As we see here, if Yahoo had been upfront about the breach (or the software) sooner, their deal with Verizon might have gone differently – for better or for worse. The onslaught of bad news gives potential business partners and customers cold feet. The breach’s impact will ultimately extend beyond Yahoo; if acquired, Verizon will absorb the future issues associated with the breach and its fallout. Any existing problems will linger after the acquisition, requiring extra effort from Verizon to keep their brand value up and not let Yahoo’s image drag them down.

Turkish Tradition

The Turkish hack group “RedHack” recently leaked 17GB of private emails belonging to Turkey’s Energy Minister, Berat Albayrak, who also happens to be the son-in-law of the almost-deposed President Recep Tayyip Erdogan.

To curb the spread of the data, the Turkish government kept with tradition and chose to outright block the major cloud and document sharing services Dropbox, Google Drive, Microsoft OneDrive, and Github throughout the country. Previously, Turkey has censored Twitter, Facebook, and YouTube in efforts to control the flow of information in moments of crisis. Data theft in Turkey, it seems, warrants a response usually reserved for coups and hostage situations.

The authenticity of the data – which amount to over 57,000 government emails – was verified in part by a court in the Turkish capital Ankara, and the verification process revealed a concerted government effort to stifle online criticism and opposition.

Albayrak, who used the same password for many of his personal and official accounts, reportedly fell victim a keylogger, which in turn handed over the “skeleton key” to RedHack. The Energy Minister reportedly lacked two-factor-authentication for his accounts, ensuring full access to whoever obtained his single password.

Instead of patching any system vulnerabilities and correcting the human error, Turkey responded with a show of total power. The message was (and has been) clear: if you use the internet against Turkey, Turkey will take away the internet.

This incident highlights the increasing power that data ownership commands; a leak of emails has the potential to cause ripples at the state level. When data is stolen, states feel threatened, and respond in kind.

Responses of this nature won’t come only from state governments, though. As the concept of data ownership becomes increasingly personal, people are likely to answer with this same hostility.

Trick or Dark Web

A man who allegedly tricked victims into handing over their passwords through fake dark web marketplace login screens is now facing criminal charges. Michael Richo collected users’ credentials to steal their Bitcoins, which he later exchanged for US dollars and deposited into a bank account. Oddly enough, law enforcement helped market users.

RELATED ARTICLES
analysis October 08, 2018
The Nine Lives of a Stolen Payment Card

For financial institutions, simply cancelling and issuing a new card will only prevent fraudulent charges on that specific payment card—a canceled card does nothing to stop future fraudulent activity stemming from other compromised cardholder...

analysis October 02, 2018
The Truth About Dark Web Pricing

Asking how much data costs on the dark web is a good question, but the line of inquiry should not end there. In our research of the dark web, Terbium Labs not only examines...