Major sporting events such as the Olympics typically create increased consumer activity and spending, which offers cybercriminals heightened opportunity for several types of malicious activity, writes Jens Monrad, principal threat analyst at the cyber product company FireEye.
With the 2018 Winter Olympics commencing soon, we can expect that the events will generate cyber threat activity. Both targeting of specific organisations that are involved in sponsoring, promoting and participating in the game, as well as using the attention it generates as lure content for delivery of malware. Based on historical activity surrounding the Olympics, these threats will likely include cyber espionage groups, hacktivists and cybercriminals.
Based on emerging threats, the host country and historical trends, there is likely a high threat to the 2018 Winter Olympics from nation-state-backed cyber espionage groups, follow-on information operations, and even nationalist hacktivist groups, in particular from countries who are either in conflict with the host country or in conflict with International Olympic Committee (IOC).
I think the 2018 Olympic Games will generate increased threat activity by cybercriminals inside and outside of the region, though the threat is unlikely to be as severe as the 2016 Summer Olympics, given the sophistication of the cybercriminal environment in Brazil.
Cybercriminals have an increased opportunity to steal and monetise interested persons’ payment credentials or other sensitive information. Actors may also attempt to compromise merchants providing services for the event to steal payment credentials at a centralised point, using POS malware or other tools.
Actors could use Olympics-themed spam to distribute malware and direct victims to phishing sites to infect victims’ computers with malware. Such malware could harvest financial credentials, usernames and passwords for victims’ accounts, and other personally identifiable information (PII). For example, based on intelligence gleaned from FireEye detection technologies, we have already observed threat actors use 2018 Olympic-themed subject lures, although the specific payloads linked to these campaigns have not yet been identified.
Travellers, regardless of the Olympic Games, should always stay vigilant, when they are on the road.
The risk of theft varies on the country. The chance of getting digital information stolen via malware or because of credit card usage in locations which are compromised has increased as we have become more dependent on how we communicate and do business and transactions.
Travellers should also consider what equipment they bring with them, what hotspots they connect to via WIFI and always make sure that any device is updated before travelling and never left unattended.
