Rio Olympics Hacking Threats

Uploaded on 2016-08-15 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

World-class athletes aren't the only ones preparing for the Olympic Games. World-class cybercriminals are also hoping to walk away with some gold.

Brazil is a country that was already notorious for its large concentration of hackers. Symantec, in its 2016 Internet Security Threat Report, ranked the country eighth in the world for bot-based cybercrime (a bot is a device that lives on a user's PC and provides a wide variety of automated tasks for hackers).

The organization says Brazil is the source of 2 percent of all the bots throughout the world.

Add the high profile of the Olympics atop that and the threat becomes even more real — for visitors, organizers and sponsors, say security experts.

"We suspect the level of attacks will rise during the Games," says Michal Salat, threat intelligence manager at Avast. "We're quite sure there will be phishing attacks on visitors. Ultimately, it's all about money."

Salat says Avast expects attempted attacks on the Rio Olympics to be quadruple the number organizers faced in London in 2012. (Those Games saw 165 million attempts.)

Individual visitors to Rio and other Olympic venues are low-hanging fruit for hackers. Whether via phishing (tricking someone into providing their financial account information — often via an attachment in an email or a fake website that purports to sell or give away tickets), an ATM skimmer (which reads and records the card's information, including password) or point-of-sale malware (like that used in the 2013 Target breach), it's not hard for cybercriminals to trick the unsuspecting.

While government officials will certainly try to contain that activity, they're more concerned about larger-scale breaches.

ABIN, Brazil's intelligence agency, is monitoring roughly 40 groups of hackers it believes has the ability to hack "sensitive structures," such as federal databases. In the months leading up to the games, the agency has identified 1,600 groups responsible for more than 20,000 attacks on public institutions in recent years.

Athletes compete at the Ibero-American Championships in the women’s 100-meter hurdles final, a test event for the 2016 Olympic Games at the Olympic Stadium in Rio de Janeiro, May 16, 2016.

The Olympics are the biggest event the country has hosted, but Brazil got a taste of what to expect in 2014, when the World Cup was held there. During that tournament, Brazil saw almost 90,000 attacks in a 30-day period, according to cybersecurity firm Cytegic. And a study by the firm shows a regular pattern among hackers as large sporting events draw near.

In the weeks leading up to an event, it says, the number of attacks increases, peaking during the first week of the tournament or games. There's typically a decline from that point through the end of the games. Some of the hackers want to make a quick buck by stealing financial or personal information. Others, though, are more politically motivated.

"We've seen this happen in the previous World Cup in Brazil, and we saw this happen in Russia during the Olympics there," says Dan Pastor, head of intelligence for Cytegic. "We assume these types of attacks will happen again. They will target the website and the high-profile people in [Olympic organizers, the organizing country or Olympic sponsors] ... targeting high-ranking officials in government or media or sporting organizations, and they're going to use this platform in order to protest corruption or political corruption."

Hot Targets

The most likely tools of those hackers will be denial-of-service attacks on prominent websites, defacement of websites or doxxing — the release of intimately private information about an individual.

Financial institutions will also be an attractive target, says Pastor. But in Brazil that's nothing new.

"The [hacking] underground market is very advanced," he says. "I would dare to compare Brazil to the Russian underground. The financial industry is getting targeted on a daily basis yearlong by hackers. In previous [major sporting] events, there is a certain rise in attacks on banks and financial organizations — and, specifically, the targeting of financial assets."

Experts agree, though, that while hackers will attack from all angles up to and during the Olympics, one area that seems secure is the results of the events themselves. The Rio Games will utilize the cloud more than any other Olympics, and the 2020 Olympics will be entirely cloud-based. While this would seem to be a tempting target for hackers, experts say the cloud is generally more secure than physical servers.

"The cloud, ultimately, offers more operational security than the distributed systems we've had in the past," says Mark Testoni, president of SAP National Security Services. "The cloud allows you to apply security more rapidly. Often, the things that cause breaches are individual human factors, like, 'I wasn't able to patch all the computers.'"

So as businesses and government organizations beef up their firewalls and monitor threats, what can you do if you're headed to Rio to enjoy the Olympics yourself?

It largely comes down to the same techniques you use to guard against cybercrime on a daily basis: Don't click on links or attachments from people you don't know. Only buy tickets from official outlets. Check an ATM for a loose keypad before inserting your card. And use official applications on your smartphone rather than low-rated ones with small user bases.

The US Office of the Director of National Intelligence, in a recent awareness campaign, advised some more drastic steps, including leaving devices at home and even considering carrying a burner phone, which doesn't contain personal data or secure information.

Experts, though, say that might be taking things a little too far, even in a hacker-rich environment like the Rio Olympics. "It might be good advice, but it's overkill for 99 percent of the population," says Pastor. "It's good advice on a technical level, but on an individual level, you can't ask someone to buy new phones or computers when they go to such an event. The responsibility lies much more on the organizers."

CNBC:

« Google Uses AI To Save On It’s Energy Bills
ISIS Suspect Was Sending Encrypted Emails »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

TenIntelligence

TenIntelligence

TenIntelligence provides due diligence, brand protection and fraud investigation services including digital forensics.

Encode

Encode

Encode delivers a cutting edge Security Analytics & Response Orchestration platform and best of breed Cyber Security Operations and Services.

Secure-NOK

Secure-NOK

Secure-NOK provides products and solutions that detect and remove security attacks and harmful events in industrial networks and control systems.

Cyber Triage

Cyber Triage

Cyber Triage is an automated incident response software any company can use to investigate their network alerts.

Cologix

Cologix

Cologix provides reliable, secure, scalable data center and interconnection solutions from 24 prime interconnection locations across 9 strategic North American edge markets.

VivoSecurity

VivoSecurity

VivoSecurity is a pioneer in cyber risk quantification based on data science. Our products and services help organizations achieve optimal information security and GRC programs.

Quaynote Communications

Quaynote Communications

Quaynote Communications is a specialist conference and communications company focused primarily on the maritime, yachting, aviation and security industries.

NuSummit

NuSummit

NuSummit (formerly NSEIT) specializes in empowering financial services firms to navigate complex challenges with cutting-edge, technology-driven solutions.

Charterhouse Müller UK

Charterhouse Müller UK

Charterhouse Müller UK are a leading service provider for end of life IT services including data erasure and secure IT asset disposal.

Prima Cyber Solutions (PCS)

Prima Cyber Solutions (PCS)

Prima Cyber Solutions is focused on protecting your business from the massive and devastating impacts that cyber-attacks may cause.

LastPass

LastPass

LastPass provides award-winning password and identity management solutions that are convenient, effortless, and easy to manage.

Descope

Descope

Descope is a service that helps every developer build secure, frictionless authentication and user journeys for any application.

CloudGuard

CloudGuard

CloudGuard is an AI-driven XDR platform that helps organisations to proactively detect and automatically remediate threats in real-time.

CyberEPQ

CyberEPQ

CyberEPQ (Cyber Extended Project Qualification) is the UK’s first and only Extended Project Qualification in Cyber Security.

Edera

Edera

Edera is changing the way containers are run and secured, making isolation a reality and fundamentally transforming computing in the process.

Greenway Solutions

Greenway Solutions

Greenway Solutions are trusted advisors relied upon by our clients to combat sophisticated adversaries in the fraud and security domain.