Follow up to DHS Banning Laptops from Planes – Summary of the Yahoo Heist

Click to View Today’s Show Notes

—

Transcript

TTWCP-DAILY-60_2017-03-24_Follow-up-to-DHS-Banning-Laptops-from-Planes

Below is a rush transcript of this segment, it might contain errors.

Airing date: 03/24/2017

Follow up to DHS Banning Laptops from Planes – Summary of the Yahoo Heist

Craig Peterson: Oh I got to do a follow-up to yesterday’s sanity check. I missed a couple little details. People are confused so we’ll get to that. Also today, we’re going to focus a little bit about a data breach. The biggest online heist in history. We’ll get in a little bit of background here about who did it? Why they did it? Who’s behind it? And by the way, it might have affected you. We’ll get into all of that today. Craig Peterson here. Stick around as we start today’s TechSanity check.

(TTWCP EARWORM)

Well to start with today, you know I’ve been mentioning this. We’ve been doing this for two weeks but if you have a question, just email me, Me@CraigPeterson.com. But apparently I confused a bunch of people yesterday because you know, you get your two questions. It’s a two-question limit but I had someone who responded with a little bit of a concerned question. I talked yesterday about what happened here with Homeland Security banning larger devices in your carry-on luggage. And we talked about how like with Pan Am flight 103 out of Lockerbie, how that really didn’t make any difference. It would have made a difference. And how, frankly, as people get a little further along and a little bit more advanced. Of course having the carry-on luggage versus having it in the hold isn’t going to make a difference either because the bad guys will figure out how to detonate it remotely eventually if they get around to it. But the part that I think confused people was that I didn’t mention that this was a limited restriction. This restrictions in place by Homeland Security came in Tuesday night and they gave these countries until Friday to stop airplanes from coming to the US where the passengers had any larger carry-on electronic items. And those countries are Turkey, Egypt, Tunisia, Lebanon, Jordan, and Saudi Arabia. So those are the only ones, the direct flights only, you can’t have large electronics in your carry-on. It’s going to obviously cause some problems in the airports of those countries. It’s probably not going to cause too many problems for us here in the US at least at this point.

But we’re not the only ones that did this. Shortly after the Trump administration Department of Homeland Security made this announcement, the United Kingdom did the same thing. So we probably will get more and more countries to kind of get behind this as well. And their concern in the UK, former GC HQ officers said the jihadist can get a hold of Semtex and C4 and store it in a laptop, get it through the x-ray system. A suicide bomber could then sit by the window and it only need a small charge to blast the window and have a devastating effect. Now that’s true if the plane is high enough. If it’s at full altitude as it’s traveling and of course it could come right down in the middle of the ocean and we might not ever know exactly what happened on that airplane. Just like the problem with EgyptAir last year.

So that’s what it is. It’s very limited. It’s very restricted. And it also is only covering certain devices. And they have a whole list of them. Basically laptops, iPads, even the iPad mini is banned. Kindle E-readers would fit into this. Your iPads, of course, all of them. And that goes back to the maximum size allowed. Their saying the biggest that you can bring is 3.6″ x 6.3″ x 0.6″. I don’t know exactly how they come up with those numbers, but you can bring in your iPhone. The larger iPhones I think would fit as well because a Galaxy S7 does fit within those requirements. But all of the major phones including your iPhones would be exempted under this particular ban. So, just certain countries. Only direct flights to the US. And only larger devices although I’m sure they’ll start coming after us a little bit more here in the US and from other countries as well.

Alright, on to our next story here. And this has to do with what was one of the biggest, maybe the biggest, it wasn’t certain ways, online heists ever. If you have a Yahoo account and you had it for a while, that account is probably being hacked. Because these hackers were able to pull more than 500 million users’ information out of Yahoo. Now just this last week, the Justice Department went after these guys and was able to secure warrants. That’s not going to do a whole lot of good because even though they have an extradition agreement in place with some countries, with NATO countries, it is not going to happen because the four people are already in Russia. And by the way, as I mentioned this morning on the radio on WGAN, the hackers have been employed by the FSB, by the federal, kind of like the CIA, NSA over there in Russia.

Now who were these people? Well it turns out two of them were FSB officers and they had law enforcement responsibilities. And the acting Assistant Attorney General Mary McCord said in a statement last week that that makes it even more egregious because they should’ve known better and because it now pulls into question whether or not the Russian government had knowledge about this whole thing. Now those two FSB officers were able to recruit a couple of other hackers. One of them was a hacker named Alexsey Belan. He’s known, his nickname is “Magg”. He apparently was the primary hacker. He has been indicted before, twice in the US, for hacking e-commerce companies. And what he did when he found out about the indictments is he fled to Russia. Russia found that he was there, so what did they do? They hired him. The same thing we do right? Kevin Mitnick? We’ve talked about this how many times before on the show. We hire hackers to protect us and to hack into other systems. And that kind of bothers me frankly. But, you know, that’s I guess for another show. And so do the Russians. We got expect the Chinese do that. Pretty much everybody does it here.

So he was put on the FBI’s list of most wanted hackers and he was also put on an Interpol red notice to be arrested and extradited. Now, even though Russia is an Interpol member, they are not going to ship him out because the FSB has recruited him. Again, I can’t necessarily blame Russia for that but it’s obviously a problem. Now, how did they get into Yahoo? Well, they did two different tricks. One, which is technical, where they faked browser cookies in order to allow them to gain access to accounts. So they told the Yahoo servers Hey I’m Mr. so-and-so and I’m legitimate and you already let me in. So let me in now. So that’s one of the things it did. They minted these cookies on browsers, on computers, to go in and get around the security that was in place.

But the other thing they did was they used an ad scheme. So they hacked Yahoo search engine. They showed fake erectile dysfunction ads. People clicked on those ads and I can’t believe people still click on those things. I have a really good friend that clicks on all kinds of stupid ads and keeps asking me hey is this legitimate? No, it’s not. Don’t click on those ads. So they put these ads, these fake ads up. The links redirected users to a cloud computing firm. And then to an online pharmacy that was paying the bad guys a bounty for each click. So they hack Yahoo. They get all this information. Who knows what they do with it all? Do they give it to the Russians? Some of it did appear online on some of the dark websites out there. But they were also making commissions for clicks on fake erectile dysfunction ads. Isn’t that amazing?

Belan was hacking Yahoo all the way from 2014 through late 2016 and Yahoo obviously didn’t take note. I don’t know if they noticed, how much they noticed. You know, keeping everything secure, it’s a full-time job, right? We have clients, it’s difficult to keep up with all of these stuff. So we have 200 people. 200 people that we have going through logs. Now obviously there’s computers that are in front of that. But they have AI that’s looking for all of this stuff. That’s what we have in place. And then it goes to this team of 200 people that look at stuff to try and figure out what’s going on. And that’s what we do for our clients. And that’s how we maintain a better than 99% success rate for keeping the bad guys out of our email and the hacking that they’re trying to do. And then we go all the way from the network edge, all the way to the end computer. So something does make it in somehow. We can track it down later on. So we determine later on as these 200 people look at, hey yeah, this was malicious, we can actually back out everything that they did inside the network, to the computer, to the servers. We know what’s happening. In fact, whereas it takes the average company right now about 10 months to even notice they been hacked, and in Yahoo’s case here, it took what, a couple of years for them to notice they’ve been hacked. We can get it noticed and fixed in less than a day. How cis that for impressive? In most cases, in under 5 to 6 hours.

So Yahoo was exposed for years here, which is just incredible here. These two guys were hacking it. They were targeting who they were going after. 18 victims here from Baratov’s hack included an assistant to the deputy chairman of the Russian Federation, an organization known as the Bureau of Special Technical Projects which investigate cyber technology, child porn cases in the Russian Ministry of Internal Affairs. And they were paid again here on another bounty of approximately hundred dollars for each victimized account. So even though they were FSB agents involved. Two FSB agents and two hackers, it really doesn’t look like they were working directly for the Russian government and some of stuff they did was against the government. Now, Baratov, this guy, 22 years old. He’s a Canadian and that’s kind of interesting because what does he do? He posts pictures online showing himself with hundred dollar bills, expensive sports cars. He did all kinds of things. He apparently made his first million dollars by the age of 15, through who knows what means. But the RCMP and Toronto police arrested him last week for his role in the Russian hacking plot. He’s going to be extradited to the US. One of these four guys is probably going to end up in court. I suspect they’re going to offer him a good deal. A plea bargain to expose who some of his compatriots were and also some of his techniques. So it’s going to be interesting here. US law enforcement and intelligence are going to, I think, get a lot out of this as these bad guys are caught.

Alright. You can, of course, find a whole lot more. You can subscribe to my podcast daily as well as the weekend stuff and what I do across New England on our everyday basis here on different radio stations and TV stations. Just go to http://CraigPeterson.com/itunes. And again, if you haven’t hit the two question limit yet, you can send me your two questions. Just Me@CraigPeterson.com. If it was just you and me sitting down, having a cup of coffee, what questions would you want to ask me? I really, really would like to know because that’s going to help me direct the show and some of the other things that I’m doing as well. Just Me@CraigPeterson.com. Have a great day. We’ll be back tomorrow. Bye-bye.

—

Show Notes:

Continuing the discussion on security breach today, and what Department of Homeland Security meant when they banned larger devices in your carry-on luggage.

What countries are included in this ban, who are doing the same, and what will this cause in general to those who are used to bringing along their laptops and iPads on trips?

These and more on TechSanity Check, stay safe!

For tech and security related questions, send them over to me@craigpeterson.com.

—

Related articles: