While the world is fixated on a possible terrorist attack at the XXII Olympic Winter Games in Sochi, Russia, there is another major threat linked to the games: cyber-related attacks.
On Tuesday, the U.S. Computer Emergency Readiness Team (CERT), part of the Department of Homeland Security, issued a report with security tips, saying hacktivists (activist hackers) and cybercriminals may attempt to take advantage of the international attention surrounding the games.
Hacktivists may try to capitalize on the games' large audience to spread their message, while cybercriminals may use the games to “lure in spam, phishing or drive-by-download campaigns to gain personally identifiable information or harvest credentials for financial gain,” the report said.
CERT also advises anyone physically attending the games to be aware that their communications will likely be monitored (by authorities, not only criminals).
A hacktivist group known as Anonymous Caucasus threatened companies that constructed buildings and other structures on land used by the games. The group claims the land contains the graves of 1 million Caucasians who were murdered by Russians in 1864.
The group has been linked to distributed denial of service (DDoS) attacks on Russian banks in October 2013. “Therefore, the group is likely capable of waging similar attacks on the websites of organizations they believe financed Olympic-related activities; however, no specific threat or target has been identified,” the report said.
Harmful actors may create fake websites and domains that appear to host official Olympic news or coverage, which could be used to deliver malware to an end user upon visiting the site. Such sties are also known as drive-by downloads or watering holes.
NBCUniversal offers exclusive coverage of the games for viewers via NBC, NBCSN, MSNBC, USA Network, NBCOlympics.com and corresponding Twitter, Facebook and Instagram accounts -- viewers should be wary of any other source claiming to provide live coverage.
Traveling To Sochi
CERT warned in the report that any electronic communication at the games should not be considered private.
Russia has a national system of lawful interception of all electronic communications. That legally allows the Russian FSB, the country's main intelligence agency, to monitor, intercept and block any communication sent electronically (e.g., cell phone or land line calls, Internet traffic, etc.). The system captures telephone and mobile phone communications, and it intercepts Internet traffic. It also provides long-term storage of all information and data on subscribers, including actual recordings and locations.
“Reports of Rostelecom, Russia’s national telecom operator, installing deep packet inspection (DPI ) technology, mean authorities can easily use key words to search and filter communications," the report said.