- Security TWENTY
- Women in Security
During the 2016 UEFA European Championships, the SmartWire Labs Team at Wandera has been analysing the mobile data traffic patterns across its enterprise customers in the European countries that make up this year’s tournament. Wandera said that during the research period, the number of data leaks observed increased. The IT firm predicted this number will continue to rise as the tournament goes on as a result of more people travelling across Europe and using unfamiliar apps and websites to access match information. The company suggested that data leaks will peak in late June towards the end of Euro 2016, before going back to normal levels in late July.
The firm summed up that the increased data usage for the beginning of Euro 2016 was no surprise to anyone. The risks associated with this increase in traffic have implications. With more people travelling across Europe, using unfamiliar websites and apps, as well as the discovery that the official UEFA app is leaking data could all lead to serious security breaches with thousands of fans’ data being put at risk, according to the firm.
Andrew Tang, Service Director, Security at MTI Technology, spoke of two ways organisations can protect corporate data. The first is through a fleet of corporate devices, which can control what apps are installed and which websites can be visited. However, with fleets of devices becoming old-fashioned and bring your own device (BYOD) policies ever more common in the workplace, controlling what an employee uses their device for, has become more complex. Enterprise Mobility Management (EMM) platforms are key to protecting corporate data. By separating company information from the rest of the phone; including apps, emails and documents; employers can ensure that a ‘wall’ is created around sensitive information and as a result, can prevent infection from compromising data.
Can organisations prevent downloading of apps that leak data?
With a fleet of managed devices, this is less of a problem as companies can place restrictions on what apps can be downloaded. With BYOD however, employees can be free to download what they want to. Through a EMM platform, businesses can create a corporate app store that restricts what employees can use through the platform. This allows IT departments to restrict access to certain apps on Google Play or the Apple Store, ensuring that only approved apps are used to access corporate information, while still allowing employees are free to download whatever they wish to use on their device.
What are the best practices for protecting infrastructure during major sports events?
Public Wi-Fi is a particular threat when it comes to malware penetrating a mobile device. Open, password free Wi-Fi connections are not encrypted, which means that they are easy targets for hackers. For example, the WiFi Pineapple makes man-in-the-middle attacks easy. In this type of attack, a hacker sits in between the device and the Wi-Fi it is connected to in order take information away from the device. This is especially dangerous in foreign countries as some users try to make the most of avoiding having to pay roaming charges through free Wi-Fi. Education is key here. By informing employees of the dangers free and open Wi-Fi connections can pose, organisations can hopefully mitigate some of the threat. However, this is far from foolproof.
While it would certainly be easier for companies to restrict access on employees’ devices, this creates issues around privacy, as many would not like to be told what they are and are not allowed to use their device for.
And Lisa Baergen, director at NuData Security, writes that sports teams and events are like honey pots for hackers.
Large sports teams and large sporting events are attractive to cyber criminals on several levels. Not only are they highly visible, and present large targets of opportunity for criminals who may be looking to earn a name for themselves, teams also amass large repositories of valuable performance and health stats and analytics on players and games.
Thieves and hackers are attracted to this valuable data like bears to honey because it can be sold to legitimate industries including the media and fantasy sports gamers, but also bookies and organised crime involved in illegal betting and gambling. Opponents and rival events could also be interested in getting a leg-up on their rival with insider information.
Also, these organisations also conduct a high volume of e-commerce transactions. Teams and events are increasingly transacting online for bookings and sales, and of course, are fully embracing mobile payment options making them at risk for malware and phishing attacks, akin to the risk profile that large e-comm and m-comm vendors have.
First of all, the team or organisation could be targeted for a breach that exposes personally identifiable information of their customers, fans, and even their players and staff. Several large attacks in recent years have borne this out, for example the 2015 “Team Sky” attack that went after performance data in order to discredit Tour De France leader Froome. Sometimes these attacks can also be politically motivated, as in the FC Barcelona attack that sought to embarrass the team on their twitter account.
If the breach has been successful in gathering data, this info can often lie dormant while the hacker attempts to amass more data points in order to add value. The data is compiled into sets called “fullz”. Once complete, these identity packages sell for more, and can be used by fraudsters to take over accounts in all kinds of places, or on the team and event sites to purchase tickets or collectables for resale.
Sports teams, just like high profile retailers, can protect against these identity thieves by ensuring they fully understand who is turning up at the account login page. The advantage they have is that fans typically return again and again and a behavioural biometric tool could be a very useful in building a solid profile of the good user in order to provide real-time verification.
By not waiting until transaction, but building a more complete identity profile of the user over time, behavioural biometrics (BB) tools empower online vendors to investigate at any point when high-risk activity is detected but present no friction to users until the vendor chooses to introduce it. This can greatly enhance the customer’s experience at login or checkout. With the knowledge that false declines can account for 32% of lost customers, basically handing the customer to a competitor, removing friction for customers you are a certain are good customers will improve their experience with that brand.
The biggest emerging threats are in the less secure mobile space with highly sophisticated malware and Trojans that can lurk on a user’s device observing and collecting everything the user does, says and sees with it — stealing all account data and PII information, sometimes taking over the camera and microphone, and, of course, is completely invisible to the user. Most commonly downloaded via apps, these software interlopers present a significant risk to all online merchants, financial institutions and online sporting providers.
The risks for digitally active sports fans more than doubled during the 2016 UEFA Euros, according to mobile and enterprise network product firm Allot and cyber security firm Kaspersky. Increases in online sports betting and social networking are major contributors to increased cyber security risk.
Alexander Karpitsky, Head of Technology Licensing, Kaspersky Lab, said: “Cyber-criminals often use big events to lure users with phishing emails and fake websites, exposing fans to intensified and new potential cyber risks. Users should be aware of potential threats and lookout when clicking on links, entering their credentials on websites or making financial transactions. We at Kaspersky Lab recommend sports fans take a proactive approach to their online security, especially when mobile, safeguarding their devices with IT security solutions at all times.”