Home Tags Olympic Games

Tag: Olympic Games

Cybercriminals may alter score results and engage in launching physical attacks at future Olympic Games, a recently released report warns.
Says security in danger of being left behind in technology accelerationShanghai, China, June 29: At the Mobile World Congress in Shanghai, network signalling security experts Evolved Intelligence warned that operators racing to deploy 5G services in time for the Winter Olympic games in 2018 were in danger of forgetting the security lessons of the past.Co-Founder and Commercial Director Peter Blackie said that not enough progress had yet been made on securing 5G network signalling. “It... Source: RealWire
Russia-based hackers are apparently not happy with the attention they've been getting for their Olympic anti-doping agency "conspiracy" leaks.reader comments 43 Share this story This morning, Ars received an odd ask by Twitter direct message: "Hello, we are Fancy Bears' Hack Team.

Are you interested in WADA and USADA confidential documents?" Fancy Bears HT is the front for the hacking operation that spear-phished International Olympic Committee members to gain access to the systems of the World Anti-Doping Agency (WADA).

Those records were leaked—and in some cases, according to WADA officials, modified—in an effort to discredit the Olympics' drug-testing rules.

The leaks were seen by officials as retribution for the bans imposed on Russian athletes after widespread doctoring of drug tests by the Russians at multiple Olympic games was exposed by a WADA investigation. The hack of the United States Anti-Doping Agency (USADA) e-mails was first revealed in October.

A spokesperson for USADA told Ars that the e-mails were probably exposed during the Paralympic Games in Rio de Janeiro, possibly when a scientific advisor to USADA was using public Wi-Fi at the games. The Federal Bureau of Investigations and an outside information security firm are still investigating the breach.

But officials have indicated that, as in the WADA breach, the perpetrators are in some way tied to the group behind part of the network intrusion at the Democratic National Committee and the hacking of e-mail accounts of a number of political figures—including Hillary Clinton's campaign chairman, John Podesta. Those hacks were attributed by security researchers to a group designated by Crowdstrike as "Fancy Bear"—a name the hackers apparently liked so much that they adopted it for their Twitter account name and WADA/USADA leak site. On the other hand, whoever is behind the Fancy Bears Twitter account told Forbes' Thomas Fox-Brewster (who got a similar pitch by DM) that they were not the same Fancy Bear (aka APT28). Nothing in the e-mails leaked from USADA so far is particularly controversial.

The latest batch includes discussions with officials from a number of different countries' anti-doping agencies about contingency plans for what to do if Russian athletes were not banned from the Olympic games as well as preparation for a lawsuit to be filed by USADA and the Canadian Centre for Ethics in Sport against the International Olympic Committee that was never taken forward.

The contents of the e-mails, USADA Communications Manager Ryan Madden told Ars, "just show us doing our jobs." And it's that mundane level of content—and the resulting lack of interest in continued press coverage—that may have prompted Fancy Bears to reach out to Ars and other outlets this morning.

The WADA/USADA leaks are apparently not getting the amount of attention that Fancy Bears feels they deserve, as it offered a lure to write more about them: A transcript of Ars' chat with some Fancy Bears.
Anti-doping body WADA says it ain't so Hackers may have doctored athletes’ data prior to leaking it, according to the World Anti-Doping Agency (WADA). The "Fancy Bear" hacking group has been releasing details of athletes' Therapeutic Use Exemptions (TUE*) after breaking into the systems of the fair play enforcement agency, as previously reported. WADA, which acknowledged the breach last month soon after leaked data surfaced on Fancy Bear’s website, said on Wednesday that “not all data released by Fancy Bear (in its PDF documents) accurately reflects ADAMS data” - implying some of the leaked information had been deliberately altered prior to its release. Russia is the prime suspect in the Fancy Bear attacks, thanks in large part to a ban by many sports preventing many Russian athletes from participating in the Rio Olympics. WADA itself has previously blamed a Russian hacking group for the breach, which it further condemned in its latest update. “The criminal activity undertaken by the cyber espionage group, which seeks to undermine the TUE program and the work of WADA and its partners in the protection of clean sport, is a cheap shot at innocent athletes whose personal data has been exposed,” WADA’s statement fumes. Fancy Bear compromised an account in WADA’s Anti-Doping Administration and Management System (ADAMS) created especially for the Rio 2016 Olympic Games.

This hack facilitated access to the medical history of athletes that participated in the games. WADA’s technical and forensic team’s current assessment is that hackers illegally accessed the Rio 2016 ADAMS Account multiple times between 25 August 2016 and 12 September 2016, using credentials obtained through a spear phishing campaign. The broader ADAMS system was not compromised in the attack, according to WADA.
In response to the admitted breach, WADA has tightened its security controls, introduced increased logging as well as hiring FireEye Mandiant to handle incident response. Security watchers have warned of the possibility of hacking attacks that involved data manipulation for several years, and the only real surprise on that front is that the attack affected a sporting rather than a banking organisation. Jason Hart, CTO of data protection at Gemalto, commented: “As the news that data from the WADA hack may have been manipulated shows, business leaders need to realise they are no longer just at risk from data simply being stolen.

As well as exposing gaps in a company’s security, the next frontier for cyber-crime will be data manipulation.

Data is the new oil and the thing most valuable to hackers. “Businesses can make vital decisions based on incorrect or exaggerated information, or data that has been stolen can be altered to change public sentiment regarding a business or individual, which hackers can exploit for personal or financial gain,” Hart said, adding that the fact that a breach can take months to detect further exacerbates the problem. Bootnote *The TUE process allows athlete to obtain approval to use a prescribed prohibited substance or method for the treatment of a legitimate medical condition, such as asthma.
Virtually, that is. Zeus trojan ported to bash Brazil banks Criminals are ramping up their online presence in Rio de Janeiro, where the Olympic Games will open on Friday, August 5 – with IBM and Fortinet reporting new banking trojans and cyber crime activity in Brazil. Big Blue has reported a variant of the Zeus trojan has emerged on crime forums targeting local banks and exploiting financial habits of users in the country in what is evidence the trojan is not a mere copy-and-paste effort. The Panda Banker trojan began in Europe and the US hitting banks in the region earlier this year before being ported to smash the home of the looming 2016 Olympics. The Brazilian variant targets 10 unnamed national banks and localised payment services and is being flogged by the original developers under a subscription payment model. Panda can also raid Bitcoin exchange credentials, airline loyalty programmes, prepaid cards and gambling sites, IBM X-Force researchers say. Its customisation continues: the trojan has been written to target a local security firm, a supermarket chain, and even law enforcement. Researchers suggest the possibly Russian-speaking designers are worked in concert with Brazil locals to develop the latest variant. "Panda grabs login credentials on the fly, is capable of injecting malicious code into ongoing web sessions to trick users with social engineering, and its operators are versed in the use of automated transaction panels," researchers say. "Panda’s operators’ favoured fraud methodology is account takeover, in which victim credentials are robbed and then used by the attacker to initiate a transaction from another device." Most infection comes via Word documents and poisoned macros with pop-up windows used to capture one-time banking passwords. Meanwhile Fortinet is warning of a huge 83 per cent spike in malicious domains and phishing URLs in Brazil across June compared to the global average of 16 per cent. Researchers with the company write in its latest threat report [PDF] that some 3,800 malicious government (gov.br) sites have spun up that target bureaucrats and Olympics officials. "As the 2016 Rio Olympics unfold, the history of increased attacks will undoubtedly continue and FortiGuard Labs is already seeing indicators of repeat techniques such as domain lookalikes for payment fraud and malicious websites or URLs targeting event and government officials," security strategist Ladi Adefala says. The findings are similar to those affecting previous major sporting events like the soccer World Cup and previous Olympic Games. In January Trend Micro found as part of its series of analysis on regional cybercrime markets that Brazil's underground was booming. Researchers at the firm said the South American nation had an "influx" of new criminals to its online communities who shirk anonymity when draining user bank accounts with malware and openly boast of their success. ® Sponsored: 2016 Cyberthreat defense report
The Olympic Games in Rio de Janeiro will attract more than just athletes and tourists this year. Hackers from across the world will also be on the prowl, trying to exploit the international event.   That means visitors to the Olympics and even people watching from home should be careful.

Cyberthreats related to the games will probably escalate over the coming weeks and could creep into your inbox or the websites you visit. Don't click if it's too good to be true The Olympics have become a beacon for cyber criminals, said Samir Kapuria, senior vice president with security firm Symantec.

A great deal of money is spent on the international event, so hackers naturally want a slice of the pie, he added. During past major sporting events, hackers have come up with fake ticketing and betting services to commit fraud on unsuspecting users.

They'll also use phishing emails and social media posts to spread malware. Computer users will see these messages and links, expecting to view a video on a record-breaking Javelin throw or a bargain on great seats to the event.

But in reality, they'll end up downloading ransomware that can take their data hostage, Kapuria warned. "Think before you click, especially if something looks too good to be true," he said. Thomas Fischer, a security researcher at Digital Guardian, has already been noticing an increase in phishing scams trying to take advantage of the Olympics. Typically, a user will receive an email loaded with an attachment that invites them to an Olympics ticket lottery.
Inside the attachment, however, is malicious code that will download the Locky ransomware and begin encrypting all the user's files. Hackers are already blanketing email addresses with this kind of attack.

They'll also pretend to be an organization like an Olympics committee, he added. "Anyone can receive these emails," Fischer said. "They usually come in English." Brazilian hackers like to target banking data Visitors who actually make the trip to Rio de Janeiro will be entering a country well known for online banking fraud, according to security firms.
It doesn't help that local laws there might not be strong enough to fight cybercrime. Trend Micro has been following the cyber crime scene in Brazil and noted in a report that hackers there "exhibit a blatant disregard for the law." "They will abuse social media and talk about their criminal enterprise, without fear of prosecution," said Ed Cabrera, the company's vice president of cybersecurity. Many of these Brazilian hackers are developing Trojans that pretend to be legitimate banking software, but in actuality can steal the victim's payment information. However, much of this Brazilian malware is focused on targeting local users, and not necessarily foreign tourists, Cabrera said. Tourists should still be careful, however.

Any banking Trojan can still be dangerous because the malware can spy on computer users, said Dmitry Bestuzhev, the head of global research for security firm Kaspersky Lab. He's warning visitors to be wary of ATM and point-of-sale machines in the country.

They often can be infected with malicious code that can secretly steal payment data once a banking card is swiped. "The attacker has the capability to intercept the data and then to clone the card," he added. Another danger is public Wi-Fi spots in Brazil, which often times are insecure.

A hacker can use them to eavesdrop on victims and steal their passwords, Bestuzhev said. He recommends users buy a VPN service to encrypt their Internet communications. Hacktivists and cyber terrorists could be lurking The other big threat that could disrupt the games is hacktivists, said Robert Muggah, a security specialist at Brazilian think tank the Igarapé Institute. Anonymous, for instance, is targeting the event and could end up embarrassing the local government.

The hacking group has already managed to temporarily shut down the official Rio Olympics website on May 11, and then Brazil's Ministry of Sports site on the following day, Muggah said. "Analysts are also concerned with Islamic terrorists," he added.

The extremist group ISIS has been trying to use the encrypted messaging app Telegram to attract sympathizers in Brazil. Local authorities, however, are bolstering their cybersecurity defenses, and the country is no stranger to holding major events, Muggah said.
In 2014, the country was the site of the World Cup. In the run-up to the Olympics, the U.S. government has launched a multimedia campaign pointing out the possible cyberthreats travelers may encounter in foreign countries.
In extreme cases, U.S. tourists could even be the targets of espionage, the campaign warns. At the very least, visitors heading to Rio de Janeiro should watch out for smartphone theft. Muggah said thefts are quite high in the country because the devices are so expensive. New iPhones, for example, have been known to cost about $1,000 in Brazil due to the local import tariffs and taxes.