The Olympics have become a beacon for cyber criminals, said Samir Kapuria, Senior Vice President with security firm Symantec. A great deal of money is spent on the international event, so hackers naturally want a slice of the pie, he added.
Bigger the event, more it is likely to attract the attention of hackers who have malicious intent. Previously it was reported that during the 2012 Olympics more than 166 million security related activities including half a dozen major attacks were witnessed by the London Organizing Committee. Meanwhile, Japan is already gearing up its cybersecurity initiatives by investing $190 million for the sole purpose of hiring cybersecurity professionals way ahead of the 2020 Games.
When it comes to spending money, it has been projected that the total cost of Rio Olympics will exceed $12 billion. And it’s not the host country that will be spending big – Fans of the mega-sport event will be spending millions on the tickets, travel, and accommodations. On the other hand, businesses and sponsors like Omega, Samsung, Coca-Cola, Visa and several others will be shelling out hundreds of millions into marketing themselves during the entire event. When so much of money is involved, it’s no surprise that cyber-criminals are rallying themselves for the big party ahead.
Today we are listing down 5 things about Rio Olympics Cybersecurity that your boss would love to know.
1. Brazil is a known hub for cybercrime
Foreign Affairs listed Brazil to be at the epicenter of a global cyber crime wave. In terms of online banking fraud and financial malware, Brazil ranks second worldwide. In 2014, Brazil lost more than $8 billion to internet crime, and the losses did not abate in 2015. The top economic crime in the country is cyber crime and it ranks fourth on the economic crimes chart in the rest of the world. The reputation of the host country is such that it makes Rio Olympics cybersecurity one of the major concerns for the event.
“Brazilian cyber criminals are not only creative but also bold. There’s a general feeling of impunity…the laws are very general, there aren’t many of them and their bite isn’t strong. Cyber criminals don’t even bother hiding, they flaunt their activities,” said Limor Kessem, Executive Security Advisor at IBM Security.
2. Identity Theft and Fraud
Rio Olympics would witness an enormous amount of the economic transactions during the whole duration of the event, giving rise to identity theft and fraud. Cyber criminals are counting on this to conduct widespread attacks on unsuspecting visitors.
Identity theft is the deliberate use of someone else’s identity, usually as a method to gain a financial advantage or obtain credit and other benefits in the other person’s name, and perhaps to the other person’s disadvantage or loss. The person whose identity has been assumed may suffer adverse consequences if they are held responsible for the perpetrator’s actions.
Unsecured Wi-Fi networks are one of the major reasons for Identity Theft. Kaspersky Lab analysts and researchers mapped and assessed the security of the Wi-Fi networks that visitors will encounter in Rio. Their findings showed that nearly a quarter of Wi-Fi networks around Olympic venues are Unsecure.
More than 4,500 single unique access points were discovered in areas near Olympic Games venues. 18% of Wi-Fi networks tested were open – which means that the data sent and received through them is not encryption protected and can therefore be compromised. Open and misconfigured Wi-Fi networks are currently favorited among criminals since these allow them to steal passwords, credit card details and other user sensitive data.
3. Scam Alert – You Don’t Have To Go to Rio to be Targeted
Fraudulent ticket scams cost music and sports fans around £5 million last year, out of which nearly half of those tickets were operated using social media sites. The money lost by fans to these scams rose from £3.35 million in 2014.
The City of London Police has warned that criminals are targeting the public with fake tickets to Rio Olympics and false promises of lottery wins. Action Fraud, its national fraud and cyber crime unit, has received 47 reports of fraud relating to the Rio Olympics, with a total reported victim loss of £299,935.
“People should be wary about buying tickets at the last minute and should always check the authorised seller’s list, which is published for the Rio Olympics, and the legal ticket guide relating to the resale of tickets,” the police said.
Cyber criminals are getting more tech savvy and their attacks are becoming more sophisticated than before. Hackers are buying cheap SSL certificates that allow them to add ‘https’ at the beginning of the fake website’s URL in order to give an illusion to users that the website is legitimate. Cyber criminals are also using search engine optimization strategies to ensure that their website gets high traffic and some of them even carry advertisements.
4. Ransomware
Ransomware is a malware that typically demands a fee to unscramble important data on a compromised device. As per Cisco’s “Midyear Cybersecurity Report (MCR),” in 2016, ransomware has become the most profitable malware type in history and the trend will continue with even more destructive ransomware that can spread by itself and hold entire networks, and therefore companies, hostage. Cyber criminals are increasingly using ransomware in their attacks as they know that’s where the real money lies.
With the Rio Olympics fast approaching, businesses need to watch out for spam emails that might be loaded with ransomware. They need to put multiple layers of protection to keep their networks safe and secure. Businesses also need to educate their employees regarding the threats imposed by spam emails and fraudulent websites.
On the other hand, users should be aware of any kind of Rio Olympics-related promotional offers, discount ticket emails and free streaming websites. If an offer looks too good to be true, it probably is!
5. Mobile App Security
It’s not just the web that attracts a hackers attention. Mobile apps are an all time favorite haven for cyber criminals to lure businesses and consumers. Fake mobile apps associated with promotions and sponsorships for the Rio Olympics are already appearing in app stores all over the world, tricking more users every day.
Hackers create these apps to offer games or other interactive experiences that ask users to provide financial data and other sensitive information. Users grant these app permissions without a second thought in order to gain access to the content.
Businesses who have remote employees traveling to the Olympics need to be proactive towards mobile security and take the necessary precautions to avoid being hacked during the Olympic event. The best way to defend against the growing threat outside the company’s firewall is to discover and monitor your entire attack surface, so you can quickly investigate any threats for rapid response.
The article originally appeared here and has been republished with permission from Appknox Team. It has not been edited by Techseen.
