Security experts have warned travelers to the Rio Olympics and those searching for updates back at the office to exercise extra caution in order to avoid what’s likely to be a barrage of cyber threats.
The Summer Games kick off next Friday and, as always, cyber-criminals will be primed to capitalize on the huge global interest in the event.
“With almost half a million people forecasted to travel to Rio, your physical and cyber safety should be high on your packing list,” said Mandy Huth, director of cyber security for networking company Belden.
“If you are heading to Rio, take a few minutes to review your security hygiene. Good cybersecurity will help you avoid potential cyber-attacks and scams when you see your favorite events.”
She urged travelers to ensure any laptops are protected with full disk encryption to protect any data on them in the event of theft or loss. Another handy tip is to switch on "hibernate" or "shut down" modes as "sleep" mode will not invoke encryption.
Visitors to Rio were also urged not to use any public Wi-Fi networks but instead utilize VPNs or private hot spots.
Other tips include switching on a laptop privacy filter to minimize the risk of shoulder surfing, ensure auto-lock kicks in after a few minutes, and to keep laptops and mobile devices out of sight where possible.
It’s not just those traveling to Brazil that are at risk, however, with Zscaler warning that in the past, a whopping 80% of ‘Olympic’ web domains were actually found to be scams or spam.
Online scams designed to phish personal information or install malware on computers will be rife during the event and can arrive in many forms – from emails to social posts, typosquatting domains, malicious apps and even over-the-phone scams.
Bogus ticketing sites and pages offering free live streaming of events are just two of the likely lures used by cyber-criminals before and during the event.
The one saving grace for IT managers is that few of the tactics used by the black hats are likely to be new, according to the cloud security firm.
“Cyber-criminals will look to play on our anticipation of the Games this year” claimed Zscaler EMEA CISO, Chris Hodson.
“Businesses need to ensure that they are able to identify phishing sites and detect scripts which are running in webpages which could be malicious. Relying on URL filtering and reputation off-site is no longer an appropriate cybersecurity defencse framework. Streaming sites should be enabled on a whitelist-only approach”
He added that firms should be blocking access to third party app stores as a matter of course to further lock down risk.