Article posted: Mar 17, 2017
By Joakim Thoren, CEO
News this week that Russian intelligence officers working with hackers were the masterminds behind the theft of 500 million Yahoo accounts is yet another cautionary tale for those who are not using two-factor authentication to protect their data.
While the salacious nature of foreign governments infiltrating the data of U.S. citizens is making headlines, home-grown hackers can inflict plenty of damage as well. Foreign or domestic, the hackers are out there. They want data and money and whatever else they can take.
And if you're not using strong two-factor authentication, you're essentially giving them an easy in. Here's a sobering fact: the mammoth Yahoo had already been hacked - data on 1 billion users in 2013 - the year before the Russians identified this week made their foray into Yahoo's vast data banks.
The New York Times article about the hackers provides plenty of details of the crime that stemmed back to the hack in 2014. The story is particularly troublesome because the hackers reportedly were looking for information on individuals in the highest branches of government and the military, as well as the private sector.
What's made the story even more interesting are two key points: This is the first time federal prosecutors have charged Russian officials with cybercrimes; and the intelligence agents charged with the hacking actually have a role in their own government for catching cybercriminals.
In any case, what's abundantly clear from all this is passwords alone are simply not enough. Many sites provide options for additional security features, such as two-factor authentication. Users logging in with a password then receive a text or email with a one-time code to enter before they can log in. In our experience, users don't mind this simple extra step to protect both their personal and their corporate data.
For businesses, two-factor authentication should be a no-brainer. Managing multi-factor authentication solutions is easier than ever with systems like our vSEC:CMS.
It will be interesting watching the government's case against Yahoo's reported Russian hackers. The best revenge for enterprises and individuals for hacks like these? Ensure your personal and business data is protected so the next time the hackers come knocking, your data won't be among the casualties.