• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About
    • Secure360
    • UMSA
    • Get Involved
  • Events
    • Secure360 2021
    • Student360
    • Past Events
      • 2020 Secure360 Twin Cities
      • 2020 Student360
      • 2019 Secure360 Twin Cities
      • 2019 Student360
      • 2018 Secure360 Twin Cities
      • 2018 Secure360 Wisconsin
      • 2018 Student360
      • 2017 Secure360 Twin Cities
      • 2017 Student360
      • 2016 TC Secure360 Conference
      • 2015 Secure360 Conference
      • 2014 Secure360 Conference
      • 2013 Secure360 Conference
        • 2013 Secure360 Conference Speaker Presentations
      • 2012 Secure360 Conference
  • For Sponsors
    • Secure360 Twin Cities
    • Student360 Sponsors
  • For Speakers
    • Secure360 Speaker Details
    • Student360 Speaker Details
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

Olympics newest sport: Phishing

October 12, 2016 by Secure360 and UMSA

phishing cyber threats

Copyright: 123rf/mihtiander

Far before the Olympic torch was lit and the world champion athletes suited up, global cybersecurity experts were preparing for cyber threats ahead of the 2016 Rio Olympics. With big crowds anticipated, both at the events and virtually, the opportunity for cyber criminals to commit crimes was extremely high. Here’s a look at some of the criminal trends and attempts that experts noticed before and during this year’s global games.

What they were watching for: Potential cyber threats

In the weeks leading up to the games, Kaspersky Lab researchers spotted a spike in phishing attacks, email scams and spam messages that mimicked branding from the 2016 Rio de Janeiro Olympics. Some of the common criminal trends the Kaspersky researchers noticed were:

  • Increased registered domains with names containing words such as “rio”and “rio2016”
  • Increased purchasing of cheap SSL certificates to make phony sites look more credible.
  • Increased false emails sent claiming users had won lotteries
  • Increased and creation of false advertisements for televisions and other products including magic pills that promise to make the recipient an “Olympic champion”

Additionally, it was reported that the most popular scams were conducted using phishing websites that emulated ticket sale services. Through these faulty ticket sale sites, phishers would try and steal confidential banking card information with a hope of gaining access to any associated account with that card. As a result, the criminals would not only steal the victim’s money but deprive them of the chance of attending the Olympics by supplying them with a fraudulent ticket.

Teachings from the 2016 Olympic cybersecurity situation

Though the games at Rio de Janeiro highlighted unbelievable athletic performances it also drew attention to the cybersecurity vulnerabilities of large scale global events. According to Radware, here are some of the lessons learned from Rio, and ways to stay protected.

Encrypt your data

In the data dumps out of the Olympics, some of the passwords and other sensitive information were in clear text and not protected at all. It’s basic, but making sure your data is encrypted can help prevent embarrassing and costly revelations after a hack.

Guard against multi-vector attacks

Implement a security solution that includes protection from network- and application-based DDoS attacks, as well as volumetric attacks that can saturate the internet pipe.

Be ready for collateral damage, even if you’re not a part of the big event

When you use cloud storage, you don’t necessarily know who your neighbors are on your providers’ servers. If one of them is the target of a DDoS attack, the damage could spill over to your properties. Make sure you know your cloud provider’s architecture and security policies, and whether it can separate clean and malicious traffic.

Stop SQL injections and other web-based attacks and intrusions

If the data dumps coming out of the Olympics cyber-attacks are verified, they likely were obtained via an injection-based attack, like a SQL injection. Make sure your security solution blocks these kinds of attacks.

The good news is that, despite the increased threats to cybersecurity at the 2016 games, overall, the Olympics was able to proceed without a major successful cyber-attack. One important lesson is clear though: the earlier we prepare for cyber security efforts for Tokyo 2020, the better.

Filed Under: Cybersecurity

About Secure360 and UMSA

The Secure360 and UMSA team is made up of professionals in the security and risk management industries. Topics of expertise range from physical security, IT, risk management, cybersecurity, cloud, information security and records management.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Categories

  • Uncategorized
  • Guest Posts
  • Business Continuity Management
  • News and Events
  • Physical Security
  • Cybersecurity
  • Professional Development
  • Risk and Compliance

latest tweets

  1. Marketing Envy
    Marketing Envy: [New Blog] 2020 saw in-person conferences evaporate, but with vaccines rolling out, 2021 could be different. H… https://t.co/4YONwZNsDa
    about 6 days ago

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2021 Secure360. All rights reserved.