The Olympic Games have already begun for hackers around the world.Alex Kirk, a senior researcher with Sourcefire Inc.’s vulnerability research team, says any big event that attracts people’s interest — whether it’s the Olympics, a tsunami, or a political scandal — is a golden opportunity for cybercriminals.
Kirk’s team has been collecting intelligence on a number of threats related to the Olympics, including phony Web sites and phishing scams. There are a lot of bad links in the wild. And they’re out there, trying to find patterns or common threads by simply clicking all of them in a “giant sandbox environment,” he says.
One of the first exploits they found was a ticket scalping scam, says Kirk. People searching for second-hand tickets would see malicious Web sites in the results, driven higher in Google’s ranks by SEO-savvy hackers. When they clicked the link, they’d be hit with an exploit kit capable of targeting around 10-12 vulnerabilities in applications like Internet Explorer or Adobe Acrobat.
“When it loads,” says Kirk, “it will try to exploit one vulnerability after another on the target machine until it finds one that the machine is vulnerable to, or it hasn’t been patched. And as soon as it finds one of these exploits that works it will then drop a piece of malware, which essentially is, most of the time, a loader for other chunks of malware.”
With the malware firmly in control of your machine, it will then contact a command-and-control server somewhere in the world to ask for additional malware, which could do anything “sending spam to stealing banking details to looking for confidential documents,” he adds.
Another security firm, ThreatMetrix, has offered several tips to protect yourself during the Olympics. Like Sourcefire, It also cautions against buying tickets second-hand online and advises caution in clicking on unknown Web sites purportedly covering the Olympics. Just one click could put your computer in a world of hurt. As mentioned above, hackers know how to do search engine optimization, and they’re often able to get their sites ranked high in Google. Also beware of shortened links, commonly used in social media platforms like Twitter. These can disguise suspicious-looking names.
While all of this sounds overwhelming, ThreatMetrix’s CTO, Andreas Baumhof, says basic security precautions should keep you safe, including “keeping all software up-to-date, using only official Olympic sites and applications and being hyperaware of all Web and mobile device activity.”
“Don’t click on any link that comes your way,” he says, “even if it looks interesting — it may be a costly click.”
And finally, here’s a low-tech tip: Keep your smart phone in a safe place. Venafi, a vendor of enterprise key and certificate management products and services, estimates that roughly 27,000 smartphones will be stolen during the Olympics. All together, the stolen phones will hold at least 214.4 terabytes of data, the company says.
But unlike with hackers online, there’s no organized effort here (roughly 20,000 smart phones are stolen in any given two-week period in London). The number is expected to increase simply because London’s population will swell temporarily during the games.
(With files from Tony Bradley and Taylor Armerding)