6 C
Wednesday, November 22, 2017
Home Tags World Cup

Tag: World Cup

Where will you watch clips from the biggest soccer tournament next year?
'Net pics last forever, login details ... send The campaign for a leadership candidate for the UK's Labour party, Owen Smith, accidentally tweeted a photo that showed the login details for the campaign's phone bank system over the weekend. Security experts have chided the Labour leadership candidate for the cockup, which follows similar mistakes by organisers of the World Cup in Brazil and the Duke of Cambridge’s former RAF base. “Tweeting a photo of security credentials – no matter what they are for – is a stupid mistake and it indicates a lack of thought about even the most basic security needs,” said Ed Macnair, chief exec of CensorNet. “It’s a perennial problem and we need to do better at educating the nation on the dangers. While this incident might have evoked laughs, the next time may not be quite so funny.” “There’s going to be some red faces in the Owen Smith campaign office.

Clearly no harm was done, but it’s a perfect example of people being a huge security risk,” he added. ®
Virtually, that is. Zeus trojan ported to bash Brazil banks Criminals are ramping up their online presence in Rio de Janeiro, where the Olympic Games will open on Friday, August 5 – with IBM and Fortinet reporting new banking trojans and cyber crime activity in Brazil. Big Blue has reported a variant of the Zeus trojan has emerged on crime forums targeting local banks and exploiting financial habits of users in the country in what is evidence the trojan is not a mere copy-and-paste effort. The Panda Banker trojan began in Europe and the US hitting banks in the region earlier this year before being ported to smash the home of the looming 2016 Olympics. The Brazilian variant targets 10 unnamed national banks and localised payment services and is being flogged by the original developers under a subscription payment model. Panda can also raid Bitcoin exchange credentials, airline loyalty programmes, prepaid cards and gambling sites, IBM X-Force researchers say. Its customisation continues: the trojan has been written to target a local security firm, a supermarket chain, and even law enforcement. Researchers suggest the possibly Russian-speaking designers are worked in concert with Brazil locals to develop the latest variant. "Panda grabs login credentials on the fly, is capable of injecting malicious code into ongoing web sessions to trick users with social engineering, and its operators are versed in the use of automated transaction panels," researchers say. "Panda’s operators’ favoured fraud methodology is account takeover, in which victim credentials are robbed and then used by the attacker to initiate a transaction from another device." Most infection comes via Word documents and poisoned macros with pop-up windows used to capture one-time banking passwords. Meanwhile Fortinet is warning of a huge 83 per cent spike in malicious domains and phishing URLs in Brazil across June compared to the global average of 16 per cent. Researchers with the company write in its latest threat report [PDF] that some 3,800 malicious government (gov.br) sites have spun up that target bureaucrats and Olympics officials. "As the 2016 Rio Olympics unfold, the history of increased attacks will undoubtedly continue and FortiGuard Labs is already seeing indicators of repeat techniques such as domain lookalikes for payment fraud and malicious websites or URLs targeting event and government officials," security strategist Ladi Adefala says. The findings are similar to those affecting previous major sporting events like the soccer World Cup and previous Olympic Games. In January Trend Micro found as part of its series of analysis on regional cybercrime markets that Brazil's underground was booming. Researchers at the firm said the South American nation had an "influx" of new criminals to its online communities who shirk anonymity when draining user bank accounts with malware and openly boast of their success. ® Sponsored: 2016 Cyberthreat defense report
A few years ago, spammers and scammers were not as interested in the Olympics as they were in football (the World Cup and European Championships).

The first major increase in the number of spam messages devoted to the Olympic Games occurred in the run-up to the Winter Olympics in Sochi in 2014.
Since then, their interest in the Olympics has shown no sign of weakening and the upcoming event in Brazil is no exception. Back in 2015, a year before the Olympics in Rio, we registered fake notifications of lottery wins allegedly organized by the country’s government and the International Olympic Committee.
Similar emails continue to be sent in 2016.

The vast majority of these messages contain a DOC or PDF attachment, while the body of the message includes only a brief text asking the recipient to open the attachment. The name of the DOC file, the name of the sender and the subject line of the email often mention the Olympic Games. The content of these attachments is fairly standard: a lottery was held by an official organization; the recipient’s address was randomly selected from a large number of email addresses, and to claim their winnings the recipient has to respond to the email and provide the necessary personal information. We also came across emails without attachments; the text written by the scammers was included in the body of the message. English is undoubtedly the most popular language used in fraudulent emails exploiting the Olympics theme, but we have also registered messages in other languages, for example Portuguese.
In these the spammers stuck to the same story of a lottery win, trying to convince the recipient that the email is genuine. In addition to fraudulent spam, we have registered unsolicited advertising messages containing offers for various goods and services that, one way or another, use the Olympics to grab the attention of recipients. For example, spammers have been pushing new TVs for watching sporting events. They also promised to make the recipient an “Olympic champion” with the help of magic pills. Taking any of these emails seriously enough to reply to them could well leave you out of pocket.

But the biggest hit that sporting fans’ wallets are likely to take are from fake ticketing services. We are constantly blocking dozens of newly registered domains with names containing the words “rio”, “rio2016” and so on.

Each of these domains hosted good quality imitations of official services offering tickets to sporting events at this summer’s games in Rio de Janeiro. The scammers register these domains to make their sites look more credible; for the same purpose, they often buy the cheapest and simplest SSL certificates.

These certificates are registered within a few minutes, and certification authorities don’t verify the legal existence of the organization that has issued the certificate.

The certificates simply provide data transfer over a secure protocol for the domain and, most importantly, gives fraudsters the desired “https” at the beginning of their address. If you examine the whois data for such domains, you will find that they have only been registered recently, for a short period of time (usually a year) and in the names of individuals. Moreover, the detailed information is often hidden, and the hosting provider could be located anywhere, from Latin America to Russia. The sites are necessary to implement a simple scam whereby the phishers ask for bank card information, allegedly to pay for tickets, and then use it to steal money from the victim’s bank account.
In order to keep the buyer in the dark for some time, the scammers assure them that the payment has been received for the tickets and that they will be sent out two or three weeks before the event. As a result, the criminals not only steal the victim’s money but deprive them of the chance of attending the Olympics – by the time they realize they won’t be getting the tickets they booked it will be too late to buy genuine tickets… especially if there’s no money in their bank account. According to our information, the creation of these fake sites usually involves international cybercriminal groups, each fulfilling its own part of the scam. One group creates a website, the second registers the domains, the third collects people’s personal information and sells it, and the fourth withdraws the cash. To avoid falling victim to the scammers’ tricks, sports fans should be careful and only buy tickets from authorized reseller sites and ignore resources offering tickets at very low prices.

The official website of the Olympic Games provides a list of official ticket sellers in your region and a service that allows you to check the legitimacy of sites selling tickets. Also, we strongly recommend not buying anything in stores advertised in spam mailings or advertising banners, whether it’s tickets or souvenirs related to the Olympics.

At best, you’ll end up with non-certified goods of dubious quality, and at worst – you’ll just be wasting your money.

For those who cannot resist impulse purchases, we recommend getting a separate bank card that is only used for online payments and which only ever has small sums of money on it.

This will help to avoid serious losses if your banking information is stolen.
Alleged online gambling ring broken up after agents posed as the cable guy.
The incident that could have "affected the integrity of the game," NFL says.
Russian coach blames World Cup draw on fan's laser pointer aimed at goalkeeper.
The militant Islamic group ISIS, which is battling for control of several major cities in Iraq, is hijacking Twitter hashtags for the 2014 World Cup to spread its message. The group is using hashtags such as #ENG and #Brazil2014 to seek recruits and spread propaganda through social media, according to The Independent. The group is also targeting English Premier League clubs by hijacking hashtags such as #MUFC, #WHUFC, #LFC and #THFC. Many of the messages using the hijacked hashtags link to a video featuring a 20-year-old medical student from Cardiff who travelled to Syria to fight for ISIS. The hijacking of Twitter hashtags is just one element of an increasingly sophisticated social media campaign by ISIS. The group has also developed an Arab-language Twitter app that updates users on the latest ISIS developments. The app is also being used to gather personal data on users and enables ISIS to send tweets from users’ Twitter accounts. Twitter has shut down a number of ISIS-affiliated accounts under rules that ban the use of threatening language and racial or religious hatred, but they are quickly being replaced by new accounts. In an attempt to halt the use of social media for propaganda purposes, the Iraqi government is blocking access to all the major networking sites. But civil liberties groups have criticised the block, arguing that just as in Turkey, government blocks harm those using social media for legitimate purposes. “They are cutting off a lifeline for activists and others to the outside world,” said Jillian York, director for international freedom of expression at the Electronic Frontier Foundation. A Facebook spokesperson said: "Limiting access to internet services, which are essential for communication and commerce for millions of people, is a matter of concern for the global community." Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com RELATED CONTENT FROM THE TECHTARGET NETWORK
Cyber-criminals use the quadrennial soccer contest as a phishing lure for unsuspecting victims, while Anonymous supports domestic protesters by defacing Web sites and by launching denial-of-service attacks. As the ultimate contest for the world's most popular sport, the Federation Internationale de Futbol Association (FIFA) World Cup attracts billions of viewers during the month the tournament runs. Little wonder, then, that the contest also attracts cyber-criminals and online protesters as well. Since early June, fraudsters have expanded their use of the World Cup as a lure in phishing emails and online scams, attempting to persuade users to click on malicious links, according to security firms. Citizen protests over the enormous spending—including more than $3.6 billion in taxpayer money—by the Brazilian government on stadiums and infrastructure required to host the games have attracted online denial-of-service attacks and Web site defacements. Hackers linked to the Anonymous philosophy have claimed responsibility for a number of attacks, including the leak of email from Brazil's Foreign Ministry in late May and a denial-of-service (DoS) attack on the Web site of the Military Police of São Paulo, according to security firm Radware, which is tracking the attacks. "There are a lot of attacks going on, and they are across the spectrum," Carl Herberger, vice president of security solutions for Radware, told eWEEK. "From sporting sites to government sites and even advertisers, this has risen above the level of nuisance attacks." In a number of operations, Anonymous-linked hackers have defaced some sites and made others inaccessible. In an interview published on May 30, one spokesperson for the protesters stated that activists are calling attention to the excessive spending on a sporting event in a country that continues to have problems providing basic services. While the clamor surrounding the World Cup is fertile ground for cyber-criminals, the controversy surrounding the Brazilian government's spending on the monthlong contest has resulted in protests across the country and support from cyber-activists. The 2014 World Cup's price tag reached more than $11.5 billion, nearly $3.6 billion of which was spent on stadiums, according to the Wall Street Journal. More than a million Brazilian citizens took to the streets in protest last year, and less than half now support the decision to host the World Cup. The added drama has increased the level of attention paid to the World Cup by cyber-criminals, who regularly use popular events as a lure for phishing attacks and social engineering. Scams range from fraudulent video players that fraudsters claim can be used to watch World Cup matches to emails that claim the recipient has won tickets to Brazil. The fraudulent email messages, for example, contain ZIP files that will install a malicious Trojan when opened, according to Symantec. "Inside the zip file is an executable which, if executed, will allow your computer to be taken over by a remote administration tool (RAT) known as DarkComet," the company stated in an analysis.  
This month, the media has been awash with stories on cyber crime. The most recent and prevalent threats were the CryptoLocker Virus, which was intercepted by Europol’s European Cyber Crime Centre, and a piece of malware called GameOver Zeus, which the US government has described as the most “sophisticated and damaging botnet we have ever encountered”. In the case GameOver Zeus, the group behind the attack crafted a phishing email to trick their way on to the victims' machines, often masquerading as urgent messages from government bodies.  Once the recipient clicked the email’s attachment or embedded link, the virus installed itself on the victim’s machine. US court documents say GameOver Zeus has caused $100m in losses to individuals and businesses since it first surfaced in 2007, with its primary purpose to capture banking credentials that would allow the hackers to steal huge sums of money and personal data. CryptoLocker, on the other hand, is a piece of malicious software known as ‘ransomware’. Once installed, the malware encrypts data on an infected computer making it inaccessible until a ransom is paid. International security services estimate that almost $30m has already been extorted from people with infected computers. With the World Cup in Brazil now underway, computer security software company MacAfee has pulled together a ‘red card club’ showcasing the top 11 Brazil-bound players considered to pose a significant online security threat.  According to MacAfee, football fans have a 3.7% chance of landing on a website that has tested positive for online threats and malware. For example, cyber criminals are most likely to use Cristiano Ronaldo to lure visitors to web pages designed to infect them with malware. Furthermore, sites purporting to offer screen saver downloads and videos of players are considered to be the most hazardous. To mitigate the threat of scoring an inadvertent own goal this summer, web users can ensure a strong back line by implementing these four defensive principles: Use and maintain anti-virus software to protect your computer against most known viruses. Change your passwords regularly and make back-up copies of important files that cannot be replaced if lost. Beware of content that prompts you to download anything before providing you with the content. Instead opt to watch streaming videos or download content from official websites. Keep operating systems and application software up to date and use anti-malware tools to help eliminate infections. Install software patches so attackers cannot take advantage of known problem or vulnerabilities. In the event you find yourself the victim of one of these malicious attacks, do not despair. The Computer Misuse Act, Data Protection Act and established criminal proceedings for blackmail and extortion can help ensure a strong and successful counter-attack. Thomas Harris is digital forensics and security expert at Schillings Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com RELATED CONTENT FROM THE TECHTARGET NETWORK This was first published in June 2014
When done right, secret URLs could be suitable for protecting lower-value accounts.
Today is a big day for online bookmaker Betfair – it is the first day of 20th Fifa World Cup. CIO Michael Bischoff is confident that Betfair's IT infrastructure is ready to provide betting and sportsbook services to even more customers than before. "It is a big day but we are prepared," he tells Computer Weekly. "We have spent a lot of time engineering our IT architecture on an ongoing basis." While the World Cup is important, so is Wimbledon, spring racing, Champions League, the FA Premiership, and that’s why the IT team constantly works to improve the infrastructure to deliver smooth services to its users, he says. Betfair’s underlying IT infrastructure is ready for the games and the team is focusing more on how to translate its great back-end infrastructure to a smooth customer experience. Engaging with social media “This World Cup is more special because it is the first real social world cup,” says Bischoff.  “Twitter has become a standard medium of communication for sporting fans while a game is on. It has changed how our customers talk to each other and how they engage with sports and betting exchanges.  "We realised pretty early on that social is going to be big and we designed our IT infrastructure to help us introduce social into the play.”  One element of this is Betfair's online tool Cash Out, that will allow users to lock in a profit or reduce exposure at the touch of a button without having to trade manually. Flexibility in the IT infrastructure Betfair's infrastructure has all the elements of a modern infrastructure – private cloud, public cloud, software as a service (SaaS), software-defined features and automation capabilities, and is mobile-ready.  IT's aim is to give users what they want and we use any technology products that can help us provide that in the best possible way Michael Bischoff, Betfair "IT's aim is to give users – both internal and external – what they want," says Bischoff, “and we use any technology products that can help us provide that in the best possible way. All clouds are not created equal, so we believe in consuming services that serve our needs.” As a result, Betfair has a hybrid and heterogeneous IT environment. It uses VMware vCloud suite for automation and orchestration and uses Amazon Web Services' (AWS) public cloud RedShift data warehouse service. “VMware’s vCloud suite has helped us automate the layer of our infrastructure and give it to the development team to build apps on,” he says.  Bischoff and his team have their IT priorities straight. “Aspects like network virtualisation and storage virtualisation are important, but not at this moment for us. Right now, we want to give our developers what they want, make our infrastructure’s interface friendly for the developers to write apps and integrate the teams,” he says. Adopting a DevOps strategy As a result, Betfair has become one of the adopters of DevOps strategy. “We see DevOps as the ability to have a simple, seamless integrated flow between a business idea and its production,” says Bischoff. DevOps is an IT practice of merging the siloes between tasks performed by a company's application development team and those performed by the systems operations team.  In traditional IT setup, the apps development team understands the business needs and writes code and the software program. The program is then passed to the testing and development team, which tests the apps in isolation. If the testing is successful, the development team then sends the program back to the operations team to be rolled out to users.  But working in isolation leads to frustration and inefficiencies, as each team does not understand the limitations or challenges of the other. “We are still on the journey with DevOps,” says Bischoff. “It is not about just having a vision. Much of it is about changing people and processes and business culture.” The line between software and infrastructure is blurring fast and that’s the future, he insists. “Software is eating into the datacentre and the future is going to be all about automation." Betfair uses VMware vCloud suite to abstract and automate its infrastructure layer for apps development, and uses AWS Redshift to get access into data and insights from customers to then find revenue-generating opportunities. “We are actually pretty pleased with Redshift and how it helps us in data analytics,” says Bischoff. Aligning business and IT requirements According to Bischoff, IT strategies must not only be about cost savings or even provisioning services quickly. “That’s a given. These bits are necessary but not sufficient today,” he says. “It has to be strongly aligned to business requirements,” he advises. “Adopting SaaS has been a boon to us. It has freed up IT’s time to focus on core things that will generate revenue,” he says. So what about shadow IT? Does Bischoff, like many other CIOs, feel threatened by it? “If you asked me whether I know the exact number of cloud services used by Betfair staff, I wouldn’t know. Shadow IT exists – it is real and we have to accept it and embrace it. “I have 1,700 colleagues, all trying to innovate business aspects. I cannot constrain that. I cannot curate the internet. But at the same time, we are a heavily regulated player and have to comply with strict data and financial regulations,” he says. According to Bischoff, an enterprise’s IT has to become a trusted partner and work with everyone in an organisation. “If the IT is going to say, ‘Right, you did this without asking us and we are going to lock you down,’ it won’t work. “What will happen is, the next time some marketing employee uses their credit card to purchase a cloud service or download a free cloud service, they will not even tell you. “A CIO should engage with other business colleagues and ask them how the IT team can help them with their favourite IT services. That’s why IT brokerage has become so much more important today,” he says. Plan for the future In the three years since he joined Betfair, Bischoff has made it his priority to adopt more SaaS and reduce datacentre complexities. He did not inherit any mainframes or legacy infrastructure, but that doesn’t mean his journey has been without challenges. “In the past three years, mobile access of data by customers has become a big thing for us. Users are expecting IT delivery an awful lot quicker and we have had to enable that.”  Software is eating into the datacentre and the future is going to be all about automation Michael Bischoff, Betfair The mobile world is moving so fast that the apps Betfair created 18-24 months ago are termed as “heritage apps” today. “That’s the challenge of the online business – innovate your enterprise infrastructure as fast as the consumer tech.” Bischoff has created a resilient, agile, software-defined, automated, hybrid IT that can give customers the experience they want. But it has also helped the company save money on capital expenditure. The gambling firm has reported an annual pre-tax profit of £61.1m, which is a major turnaround from last year’s losses of £49.4m. “It is the result of all our efforts and the vision of our new chief executive, Breon Corcoran. But our technology has had a big role to play too.” Moving forward, Bischoff plans to use more cloud-based software, platform and infrastructure services. Betfair uses a few colocation datacentres that Bischoff wants to consolidate. “I anticipate that the datacentre square footage we own currently will go down as we use more SaaS and hybrid IT." But right now, he wants to enjoy the World Cup and provide Betfair’s customers with a smooth online betting experience. Read More Related content from ComputerWeekly.com RELATED CONTENT FROM THE TECHTARGET NETWORK