Rio Olympics Hacking Threats

Uploaded on 2016-08-15 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

World-class athletes aren't the only ones preparing for the Olympic Games. World-class cybercriminals are also hoping to walk away with some gold.

Brazil is a country that was already notorious for its large concentration of hackers. Symantec, in its 2016 Internet Security Threat Report, ranked the country eighth in the world for bot-based cybercrime (a bot is a device that lives on a user's PC and provides a wide variety of automated tasks for hackers).

The organization says Brazil is the source of 2 percent of all the bots throughout the world.

Add the high profile of the Olympics atop that and the threat becomes even more real — for visitors, organizers and sponsors, say security experts.

"We suspect the level of attacks will rise during the Games," says Michal Salat, threat intelligence manager at Avast. "We're quite sure there will be phishing attacks on visitors. Ultimately, it's all about money."

Salat says Avast expects attempted attacks on the Rio Olympics to be quadruple the number organizers faced in London in 2012. (Those Games saw 165 million attempts.)

Individual visitors to Rio and other Olympic venues are low-hanging fruit for hackers. Whether via phishing (tricking someone into providing their financial account information — often via an attachment in an email or a fake website that purports to sell or give away tickets), an ATM skimmer (which reads and records the card's information, including password) or point-of-sale malware (like that used in the 2013 Target breach), it's not hard for cybercriminals to trick the unsuspecting.

While government officials will certainly try to contain that activity, they're more concerned about larger-scale breaches.

ABIN, Brazil's intelligence agency, is monitoring roughly 40 groups of hackers it believes has the ability to hack "sensitive structures," such as federal databases. In the months leading up to the games, the agency has identified 1,600 groups responsible for more than 20,000 attacks on public institutions in recent years.

Athletes compete at the Ibero-American Championships in the women’s 100-meter hurdles final, a test event for the 2016 Olympic Games at the Olympic Stadium in Rio de Janeiro, May 16, 2016.

The Olympics are the biggest event the country has hosted, but Brazil got a taste of what to expect in 2014, when the World Cup was held there. During that tournament, Brazil saw almost 90,000 attacks in a 30-day period, according to cybersecurity firm Cytegic. And a study by the firm shows a regular pattern among hackers as large sporting events draw near.

In the weeks leading up to an event, it says, the number of attacks increases, peaking during the first week of the tournament or games. There's typically a decline from that point through the end of the games. Some of the hackers want to make a quick buck by stealing financial or personal information. Others, though, are more politically motivated.

"We've seen this happen in the previous World Cup in Brazil, and we saw this happen in Russia during the Olympics there," says Dan Pastor, head of intelligence for Cytegic. "We assume these types of attacks will happen again. They will target the website and the high-profile people in [Olympic organizers, the organizing country or Olympic sponsors] ... targeting high-ranking officials in government or media or sporting organizations, and they're going to use this platform in order to protest corruption or political corruption."

Hot Targets

The most likely tools of those hackers will be denial-of-service attacks on prominent websites, defacement of websites or doxxing — the release of intimately private information about an individual.

Financial institutions will also be an attractive target, says Pastor. But in Brazil that's nothing new.

"The [hacking] underground market is very advanced," he says. "I would dare to compare Brazil to the Russian underground. The financial industry is getting targeted on a daily basis yearlong by hackers. In previous [major sporting] events, there is a certain rise in attacks on banks and financial organizations — and, specifically, the targeting of financial assets."

Experts agree, though, that while hackers will attack from all angles up to and during the Olympics, one area that seems secure is the results of the events themselves. The Rio Games will utilize the cloud more than any other Olympics, and the 2020 Olympics will be entirely cloud-based. While this would seem to be a tempting target for hackers, experts say the cloud is generally more secure than physical servers.

"The cloud, ultimately, offers more operational security than the distributed systems we've had in the past," says Mark Testoni, president of SAP National Security Services. "The cloud allows you to apply security more rapidly. Often, the things that cause breaches are individual human factors, like, 'I wasn't able to patch all the computers.'"

So as businesses and government organizations beef up their firewalls and monitor threats, what can you do if you're headed to Rio to enjoy the Olympics yourself?

It largely comes down to the same techniques you use to guard against cybercrime on a daily basis: Don't click on links or attachments from people you don't know. Only buy tickets from official outlets. Check an ATM for a loose keypad before inserting your card. And use official applications on your smartphone rather than low-rated ones with small user bases.

The US Office of the Director of National Intelligence, in a recent awareness campaign, advised some more drastic steps, including leaving devices at home and even considering carrying a burner phone, which doesn't contain personal data or secure information.

Experts, though, say that might be taking things a little too far, even in a hacker-rich environment like the Rio Olympics. "It might be good advice, but it's overkill for 99 percent of the population," says Pastor. "It's good advice on a technical level, but on an individual level, you can't ask someone to buy new phones or computers when they go to such an event. The responsibility lies much more on the organizers."

CNBC:

« Google Uses AI To Save On It’s Energy Bills
ISIS Suspect Was Sending Encrypted Emails »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

AvePoint

AvePoint

AvePoint is an established leader in enterprise-class data management, governance, and compliance software solutions.

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security is a leading manufacturer of network security appliances for use in industrial environments.

Roke Manor Research

Roke Manor Research

Roke is a world-class electronics engineering consultancy. Areas of expertise include cyber security, cyber assurance and cryptographic solutions.

CRU Data Security Group (CDSG)

CRU Data Security Group (CDSG)

CRU is a pioneer in devices for data mobility, data security, encryption, and digital investigation.

SCIPP International

SCIPP International

SCIPP’s courses are based on internationally recognized best business practices for security awareness, for both technical and non-technical staff and to comply with regulatory mandates.

i-Sprint Innovations

i-Sprint Innovations

i-Sprint is a leader in Securing Identity and Transactions in the Cyber World for industries that are security sensitive.

Fingerprint Cards

Fingerprint Cards

Fingerprint Cards develops and produces biometric components and technologies that verify a person’s identity through the analysis and matching of an individual’s unique fingerprint.

Hardenite

Hardenite

Hardenite solution helps R&D, DevOps and IT teams to continuously manage security risks and hardening efforts of any Linux OS – based product, throughout the product life cycle.

Business Hive Vilnius (BHV)

Business Hive Vilnius (BHV)

BHV is one of the oldest startup incubator and technology hubs in the Baltics, primarily focused on hardware, security, blockchain, AI, fintech and enterprise software.

Trusted CI

Trusted CI

Trusted CI, the NSF Cybersecurity Center of Excellence is comprised of cybersecurity experts who have spent decades working with science and engineering communities.

South East Cyber Resilience Centre (SECRC)

South East Cyber Resilience Centre (SECRC)

The South East Cyber Resilience Centre supports and helps protect SMEs and supply chain businesses and third sector organisations in the region against cyber crime.

Infostream

Infostream

Infostream is a leading integrator of Digital Transformations Solutions (DTS); Public, Private, and Hybrid Cloud; Cybersecurity; Data Integrity; DevOps, DevSecOps, and Infrastructures.

Progress Partners

Progress Partners

Progress Partners is a corporate advisory firm that works with buyers and sellers of emerging growth companies to complete M&A or private placement transactions. Our sectors include cybersecurity.

Sayers

Sayers

Sayers is best known for its ability to solve business challenges with IT solutions. Our areas of expertise include cloud, storage, virtualization, security, mobility and networking.

StrongDM

StrongDM

StrongDM is the leader in Zero Trust Privileged Access Management (PAM).

Planisys

Planisys

Planisys is a cybersecurity leader specializing in cutting-edge DNS security and email security solutions.