In the wake of the Yahoo attack late last year, where the theft of more than 500 million user accounts from 2014 was discovered, Yahoo CEO Marissa Mayer has decided to waive her 2016 bonus following the board's investigation into the attack. Comment from Brian Laing, VP of Business Development at Lastline.
It’s admirable that Yahoo reallocated executive compensation towards employees to demonstrate its recognition of the seriousness of the data breach. Too often executives seem to be above it all as customers suffer. The attack itself again demonstrates the creativity and ingenuity of cyber criminals, and again, with the right technology the resulting data breach could have been minimised if not prevented.
The exfiltration of customer data likely resulted in anomalous network traffic, and the spear phishing attacks against 26 Yahoo execs (who should know better) provided further clues into the attack. But signature-based security solutions would have missed both of these techniques. Monitoring behaviour, inside of files and across networks, will detect malicious intent and provide security teams with insight into how to disrupt attacks.