The Yahoo Hackers Weren't State-Sponsored, Security Firm Says

itwbennett writes from a report via CSO Online: After Yahoo raised eyebrows in the security community with its claim that state-sponsored hackers were responsible for the history-making breach, security firm InfoArmor now says it has evidence to the contrary. InfoArmor claims to have acquired some of the stolen information as part of its investigation into "Group E," a team of five professional hackers-for-hire believed to be from Eastern Europe. The database that InfoArmor has contains only "millions" of accounts, but it includes the users' login IDs, hashed passwords, mobile phone numbers and zip codes, said Andrew Komarov, InfoArmor's chief intelligence officer. Earlier this week, Chase Cunningham, director of cyber operations at security provider A10 Networks, called Yahoo's claim of state-sponsored actors a convenient, if trumped up, excuse: "If I want to cover my rear end and make it seem like I have plausible deniability, I would say 'nation-state actor' in a heartbeat." "Yahoo was compromised in 2014 by a group of professional blackhats who were hired to compromise customer databases from a variety of different targeted organizations," Scottsdale, Arizona-based InfoArmor said Wednesday in a report. "The Yahoo data leak as well as the other notable exposures, opens the door to significant opportunities for cyber-espionage and targeted attacks to occur."

State-Sponsored Attack == OMG Don't Blame Us

Of course. 'State-sponsored attacks' have been peddled by the media long enough as a huge doomsday thing that the corporate PR people have realized that everyone will give a pass to any poor company besieged by such a massive, unstoppable attacker. Couldn't have been helped, nosireee.

Of course state attackers *are* extremely powerful and dangerous -- but companies have already clued in that blaming them is a free pass from the public for shoddy security.