While cyber attacks during the Olympic games are not new, with attacks reported as far back as 2004 when the Summer Olympics in Greece that year saw a cellphone service provider's switches hacked, Fortinet sounds the alarm on the Summer Olympics in Rio for two reasons which could impact spectators, athletes and support teams on the ground, and create a halo effect that could affect those at home when they return (or even before):
Low priority for cyber attacks in Brazil
According to the World Economic Forum (WEF) ranking of global business risks, Brazil ranks cyber attacks No. 23 and data fraud/theft No. 16. Failure of national governance is listed as No. 1, while water crises are in the No. 2 spot. In contrast, Japan among other countries has ranked cyber attacks No. 1.
The report goes further to say that based on historical information, the volume of attacks is expected to be high. The 2012 London Olympics experienced 165 million security events, which were reduced to 97 actual security incidents according to the CIO of the 2012 Olympic Games Gary Pennell. The UK ranks cyber attacks No. 2 in business risks in the 2016 WEF ranking, raising questions about how a country which considers cyber security lower on the list may fare when faced with many security events.
Respondents for the WEF survey included members of multistakeholder communities of leaders from business, government, academia and non-governmental and international organisations - key decision makers who might also have been involved in supporting the Olympics ecosystem.
Increased threat activity in Brazil
|Source: Fortinet FortiGuard Eye of the Storm report.
Percentage increase in threats in Brazil from May to June 2016 compared
against global percentage increases. Or note are the increases for
malicious URLs and phishing URLs.|
Fortinet also observes in the report, which was published before the Olympics this year, that the volume of malicious and phishing artifacts (i.e. domain names and URLs) in Brazil is on the rise. In June, malicious URLs grew 83% month-on-month compared to 16% for the rest of the world. FortiGuard Labs is already seeing indicators of repeat techniques used in past attacks, the report revealed. For example, domain lookalikes such as v1sabancario.k6.com.br, associated with payment systems fraud, and over 3,800 malicious websites and URLs with the government designation “.gov.br” could be targeting government and event officials.
Similar techniques that were used during the 2014 Rio World Cup according to a report by the National Cyber Security Institute. Notable threat artifacts for Q216 include a Nemucod ransomware variant as the top malware variety, and first stage Trojans and downloaders as top malware types. Andromeda, Sality and Zeroaccess are the top three botnets in action, while the top three exploit kits in use have been RIG, Neutrino and Angler.
Download FortiGuard Eye of the Storm (PDF. The report helps to prepare readers on preparing to face an active data breach as well as how to apply cyber threat intelligence for more proactive results.