So, naturally, one can expect hackers to try to break everything.
Two reports this week revealed the extent to which cyberattacks are leaving the story behind.
- Security researchers have identified 16,000 fraudulent domains using the FIFA World Cup 2022 brand, cyber firm Group-IB said in a report on Tuesday.
- Cybercriminals are turning to fraud linked to the World Cup, from fake ticket sales to fake crypto tokens, cybersecurity company CloudSEK said in a report on Tuesday.
“The popularity of the FIFA World Cup has attracted viewers from all over the world. This, in turn, attracts a variety of cybercriminals, who want to exploit the various fans and participating organizations to make a quick profit,” CloudSEK reports. “Cybercriminals are motivated by financial gain, ideology, or geopolitical ties.”
These two bits of research cover only a fraction of the cybersecurity risk associated with the World Cup. Some of the concern is limited to this year’s host, Qatar, which has raised concerns about surveillance efforts by U.S. officials in recent years. European security regulators recently refused to download Qatar’s World Cup apps, saying they posed a serious privacy risk.
The Group-IB and CloudSEK investigations follow other warnings from the cybersecurity industry.
- State-sponsored hackers focused on intelligence gathering “could see the 2022 FIFA World Cup as a target area for cyber espionage and surveillance against foreign dignitaries and businessmen,” Recorded Future warned this month. But the firm said it did not expect attacks by foreign-sponsored hackers to disrupt the event.
- Also this month, Digital Shadows pointed out some scams by Group-IB and CloudSEK. At the same time, Kaspersky focused on fake match streaming services, among other threats.
- According to Trellix’s observations, the volume of malicious e-mails in Arab countries increased by 100 percent in October. “It’s common for attackers to use important/popular events as part of social engineering tactics and specifically target organizations associated with them. [the] event and prospective victim[s] to attack” Daksh Kapoor the and Sparsh Jane wrote for the company.
FIFA reported that almost 3.6 billion people watched the 2018 World Cup. That’s more than half of the world’s population of people 4 and older.
Group-IB calculated other numbers. In addition to 16,000 fraudulent domains, the firm said it found about 40 fake apps on the Google Play Store, more than 90 hacked accounts on Qatar’s Fan ID app, as well as dozens of fake social media accounts, mobile apps and ads.
One example: scammers created a fake merchandise website selling national team jerseys and plastered it with 130 ads on social media marketplaces. When the visitor enters their bank card details, the scammers take their victims’ money and even their card information.
CloudSEK also had math. FIFA World Cup 2018 has been subjected to 25 million cyberattacks every day, the company said.
Financially motivated hackers are doing things like selling fake Hayya cards needed for game-day stadium access, or offering fake “World Cup Tokens” and “World Cup Coins” and promoting them as limited-edition cryptocurrencies.
- The latter idea seems to come from the fact that Crypto.com is the official sponsor of the event. Similarly, Binance has teamed up with a soccer star Cristiano Ronaldo distribution of non-football themed tokens.
Hacktivists have been active this year as well– said the company.
“The World Cup has attracted the attention of hacker groups, who have mobilized their followers and allies on social media to boycott the 2022 FIFA World Cup in Qatar,” CloudSEK said. “Messages from groups like Anonymous have also been posted on cybercrime forums, calling on other threat actors to support them.”
Some of the hackers are targeting distributed denial-of-service attacks that flood a website with fake traffic, the company’s report said. These attacks are not as destructive as other types of cyberattacks, but they can be frustrating for people trying to access websites. Hacktivists say they are concerned about human rights violations in Qatar.
China uses surveillance as part of crackdown on Covid protests
The Chinese government is using its “widespread surveillance system” as it tries to quell protests linked to Covid. The Wall Street Journal’s Rachel Liang and Brian Spegele reported. Officials appear to be using cellphone data and other tools to track protesters and organizers.
According to a WeChat post by Qu Weiguo, an English professor at Fudan University in Shanghai, police in Shanghai and Beijing checked the phones of people near the protests to see if they had the Telegram app or virtual private networks on their phones. colleague Lyric Lee said today. Protesters used such services to avoid censorship.
White House press secretary Karin Jean-Pierre said she had no new information about the administration’s plans to help Chinese Internet users bypass China’s Great Firewall. In September, the Biden administration offered aid to Iranian protesters seeking to evade censorship and surveillance.
South Dakota contractors and employees banned from using TikTok on government devices
The ban was ordered by the governor of South Dakota. Christie L. November (R) signed on Tuesday Associated PressThis was reported by Stephen Groves. It comes as Washington is under renewed scrutiny of its short-form video app for surveillance and campaigning.
“The Chinese Communist Party uses the information they collect on TikTok to manipulate the American people, and they collect data from devices that have access to the platform,” Noem said in a statement. TikTok owner ByteDance did not respond to the AP’s request for comment on Noem’s statement and the ban, but TikTok’s chief operating officer Vanessa Pappas The company has previously said it protects the data of US users and that Chinese government officials do not have access to the data.
South Dakota’s ban comes as TikTok and a US government committee with the power to block international deals are working on a potential deal. The US military also banned TikTok from military government devices.
Twitter will no longer use its covid-19 misinformation policy, the company says
Since introducing the 2020 Covid Misinformation Policy, Twitter suspended more than 11,000 accounts and removed more than 100,000 pieces of content for policy violations. Now the company is ending the ban, the last part of it Elon Musk’s Buy Twitter.
The change has worried some public health experts, who say some people may be reluctant to get the vaccine. Taylor Lorenz Reports. At the same time, monitoring which content violates the policy has been a challenge for Twitter, which has been criticized for censoring some content that turns out to be true.
“However, Twitter has been fighting to police misinformation and has recently started calling some factual information about covid misinformation and banning scientists and researchers who try to warn the public about the long-term damage covid can do to the body,” writes Taylor. “Last weekend, the platform was left with a lot of tweets promoting anti-vaccine content and misinformation about covid.”
No answers to Pegasus hack scandal as Spanish spy remains silent (Euronews)
NHS’s Palantir deal draws legal threat from patient groups (Bloomberg News)
UK Parliament launches National Security Strategy inquiry into ransomware (The Record)
TSA to consider use of third-party assessors in upcoming pipeline rules (NextGov)
DOD Wants Cyber Learning for Contractors, But Acquisition Rules May Be Stumbling Blocks (FCW)
- Deputy National Security Adviser Anne NeubergerGovernor of Maryland. Larry Hogan (R), Director, National Institute of Standards and Technology Lori Locasio and other officials are speaking at the Quantum World Congress in Washington on Wednesday and Thursday.
- National Cyber Director Chris EnglishCISA Executive Director Brandon Wales and Neuberger are speaking at a meeting of the National Security Telecommunications Advisory Committee on Thursday at 3:30 p.m.
Thank you for reading. See you tomorrow.