Only a tiny fraction of the estimated 1 billion people watching the 2012 Summer Olympics will be there in person and have the Royal Marines protecting them. Admittedly, the Royal Marines might not be a whole lot of help when it comes to stopping cybercriminals who are likely licking their chops thinking of the targets following the games on PCs, smartphones and tablets.
According to an eMarketer report, smartphone ownership worldwide is now about 24 percent, up significantly from the 2010 games. Along with increased ownership is added risk for people using mobile devices, tablets and third-party applications. And, contrary to conventional wisdom, malware that can infect these devices can just as easily infect PCs.
“With such a large audience seeking information on the Olympic Games, cybercriminals will seize this opportunity to attack PCs, mobile devices and even tablets,” said Andreas Baumhof, chief technology officer, ThreatMetrix. “Cybercrime today is so advanced that in many cases users are completely unaware they are being attacked. The Olympic audience needs to be vigilant when browsing the Internet and researching the games. Whether you are searching for Michael Phelps or real-time medal count updates, make sure you are using sites that can be trusted – mainstream news sites, or better yet the official Olympics website.”
To prepare for the upsurge in cyberthreats, the London Organising Committee of Olympic Games allocated a quarter of its $3.1 billion budget to be spent on technology. While healthy amounts of time and money are being spent to make the games secure, consumers should still be on the lookout for potential dangers associated with watching and tracking the Olympics online or through mobile devices.
Following are the top five cyberthreats ThreatMetrix cautions consumers to be aware of:
• Mobile and Tablet Risk – Those watching the games via smartphones or tablets should be aware of third-party applications that are not authorized by the Olympics. Consumer devices can be attacked when malicious applications are downloaded, as evidenced by recent news around spam-distributing iPhone applications.
• Drive-by-Downloads – Malicious software can automatically begin downloading to consumers’ devices during a visit to an infected website, email or pop-up ad. Cybercriminals can easily link this software to seemingly authentic Olympic websites, for example the Flashback Trojan for Mac.
• Information Phishing – Disguised links from Facebook and Twitter are abundant, leading consumers to malware infected sites. Twitter links, for instance, are always shortened (e.g. bit.ly/…) and users can’t tell where these links lead – unless clicked on, which in turn, will instantly infect users’ devices. Another security concern is whether a particular account is legitimate – does the @CNNInternatDesk Twitter handle really belong to CNN?
• Search Engine Poisoning – When conducting online searches for information or images about the games, cybercriminals can redirect consumers to malicious websites. Rather than seeing an image of their favorite Olympian, the photo can actually infect consumers’ devices if the page containing the image is laced with malware.
• Ticketing Scams – Consumers should be wary when researching game tickets, and of emails offering ticket deals from third-party sources. These can lead to fraudulent transactions and stolen credit card information.
“All of the cybercrime risk associated with the Olympics can be overwhelming to consumers,” said Baumhof. “However, simple steps can be taken to avoid malware attacks associated with the Olympics. These steps include keeping all software up-to-date, using only official Olympic sites and applications and being hyperaware of all Web and mobile-device activity. Don’t click on any link that comes your way, even if it looks interesting – it may be a costly click.”
With consumers being at greater risk because of the games, so are online companies who do business with those consumers.