Proof that Cyber Security concerns Everyone.

Cyber crime to most people feels too trivial a problem to take seriously. They probably think that a few stolen numbers and passwords won’t affect them, believing that they have no important data that needs protection as such. On the other end of the spectrum, there are those who constantly fret over weak cyber security and will probably go out of their way to cover their laptop camera with tape, taking no chances when it comes to their data.

So which one are you? Someone who doesn’t really care what happens to their data or are you a Cyber Security aspirant - waiting to rid the world of cyber crime?

Well, whatever the case might be, we are here to give all you naysayers some incentive to take Cyber Security more seriously and for all you Cyber Security optimists, proof that you have been right to take Cyber crime seriously all along!

In this blog, we’re going to cover 2 prominent cases of serious cyber breaches that had unfathomable consequences for the people and companies involved.

One of the leading brands in the hospitality industry, Marriott faced a lot of challenges back in 2018 when they found out that one of their reservation systems had been compromised - the reservation system at their Starwood properties to be exact. 

A brief history of the Marriott - Starwood Merger

Starwood properties weren't always a part of Marriott. Once an independent chain hosting a multitude of brands like St. Regis, Sheraton, Westin and W hotels, it was acquired by Marriott in 2016. But the issue predates this acquisition. 

Marriott revealed that the reservation system had actually been compromised sometime in 2014. Unbeknownst to either brand back then, the compromised reservation system was used even after the acquisition, since much of the IT infrastructure remained the same and had not been integrated into Marriott’s private reservation system (MARSHA).

So how was the breach detected?

Sometime in 2018, a security tool flagged an unusual database query and Accenture brought it to light. Accenture had been running IT and infosecurity for Starwood properties and continued to do so once Starwood became a part of Marriott hotels.

The query was made by a user with administrator privileges, but Accenture quickly realised that the query hadn’t actually come from that account and that the account had been hacked. After digging around for more information they found a RAT in the system (and no, we don’t mean an actual rat). They discovered a Remote Access Trojan (RAT) and Mimikatz, a dangerous malware that discovers passwords and user information. Paired together, it is theorised that these two malware tools could’ve given the hackers control of that account. 

The cyber threat effect affects us all inevitably.

The damage? The personal information of more than 500 million guests was potentially stolen, which included some really sensitive information like their credit card information and passport numbers, much to the dismay of their customers

 The only silver lining to the breach of data was that none of the data ever made it to the dark web, nor was it sold anywhere else. However, this news didn’t curb the panic that ensued, as millions of people started cancelling their cards and transferring their money to more secure accounts to ensure that they weren’t defrauded in the future. Which is why, even though the data wasn’t leaked anywhere, people were still affected by the news. This rings true for all cyber crime attacks, once your data has been made vulnerable, you will have to change all your details to safeguard yourself once more.

Considering its large user base, Yahoo has fought multiple long and arduous battles against cyber-criminals over the last decade. 

 The timeline of these attacks would look something like this:

• 2012 

The first notable attack was a decade ago in 2012 when Yahoo Voices, formerly known as Associated Content, was hacked and 400,000 user accounts were compromised in the attack. 

So what made this hack possible? The problem occurred due to the weak security in the systems Yahoo acquired during the acquisition of Associated Content. As in the case of Marriott, these systems weren’t checked nor were they updated.

• 2013

Less than a year after announcing the unfortunate hacking of Yahoo Voices, Yahoo Mail was targeted. Many customers came out with complaints, stating that their accounts had been hacked. The source? Phishing mails. Yahoo users were sent phishing emails that, once clicked on, gave the hackers complete access to their mail and subsequently, access to their calendar as well.

• 2014

There was no rest for the wicked this year either. Yahoo made an announcement in the latter half of January that there was an attempted hack, where customer data - passwords and user ids - were made vulnerable. The hackers had allegedly tried to breach email accounts after getting a list of email addresses and passwords from a third-party server. Yahoo changed the passwords swiftly to put a stop to the attacks.

• 2016

In the late September of 2016, Yahoo, once again, made a public announcement, stating that 500 Million accounts were hacked. This time around, encrypted and unencrypted, including passwords, answers to security questions, mail addresses, telephone numbers and dates of birth were hacked. Yahoo pointed fingers at alleged state-sponsored hackers and hailed them as the main culprits behind this hack. This claim was obviously disputed. Yahoo also claimed that the hack was carried out using forged cookies, which eliminated the need for passwords, to gain user access.

• 2016 (Again)

Come December of 2016, a mere 3 months later, Yahoo made history by announcing the biggest data breach up till date. The hack occurred sometime in 2013 and was brought to light after an investigation by law enforcement that took place after a tip-off. 

What makes this hack historical? More than a billion accounts were reported to be hacked. Much like its precursor in September, the passwords, email addresses, encrypted and unencrypted data including security questions and their answers were hacked. The hack was also carried out using forged cookies to gain user access.

After this flood of cyber attacks over the last decade, Yahoo’s reputation has suffered irredeemably, not only because security wasn’t prioritised multiple times, but also because they failed to disclose these hacks earlier, making it look like a cover-up, which didn’t sit well with their loyal patrons. 

The aftermath for both these cases was devastating to the companies involved. Marriott Hotels was fined more than 120 Million USD for violating the privacy of British citizens under the GDPR. Further, Marriott had to cover additional costs of the breach itself. Likewise, Yahoo had to pay over 50 Million in fines.

But it’s not just about monetary loss that they inevitably incurred. It’s more about their brand image that was damaged through the whole ordeal.

So assume this to be your sign to take Cyber threats more seriously. If this blog has inspired you to consider Cyber Security as a career, upGrad Campus has courses tailored specifically for you. Do check out the Certificate course in upGrad Campus and get to saving our data from these malicious attacks today!