So naturally, you can expect hackers to try to screw things up.
Two reports this week shed light on the extent to which cyberattacks are eating into this event.
- Security researchers have identified 16,000 phishing domains using the 2022 FIFA World Cup branding, networking company Group-IB said in a Tuesday report.
- Cybersecurity firm CloudSEK says cybercriminals are turning to a range of scams, from selling fake tickets to fake crypto tokens, tied to the World Cup.
“The hype and popularity of the FIFA World Cup has attracted audiences from all over the world. And this in turn attracts many cybercriminals, who want to exploit the diverse following of fans and participating organizations, to make quick money,” said the CloudSEK report. “Cybercrime is motivated by financial gain, ideology, or geopolitical affiliation.”
Those two pieces of research only capture a fraction of the cybersecurity scare associated with the World Cup. Some worries are specific to this year’s host, Qatar, a country that has sparked growing concern from US officials in recent years about their surveillance efforts. European security regulators recently warned against downloading Qatar’s World Cup apps, saying they pose significant privacy risks.
Research by Group-IB and CloudSEK follows other warnings from the cybersecurity industry.
- Recorded Future warned this month that state-sponsored hackers focused on intelligence gathering “could see the 2022 FIFA World Cup as a highly targeted environment for cyber espionage and surveillance.” against foreign dignitaries and businessmen.” However, the company said it does not expect disruptive attacks on the event from foreign-backed hackers.
- Also this month, Digital Shadows called attention to some of the same scams that Group-IB and CloudSEK have done. Meanwhile, Kaspersky called attention to fake match streaming services, among other threats.
- Malicious email volume in Arab countries increased by 100% in October, as observed by Trellix. “Attackers often use important/popular events as part of social attack tactics and specifically target organizations associated with [the] more promising events and victims[s] for the attack,” Daksh Kapur and Sparsh Jain wrote to the company.
Nearly 3.6 billion people watched the 2018 World Cup, FIFA said. This number accounts for more than half of the world’s population consisting of people aged 4 years and over.
Group-IB counts other numbers. Besides 16,000 phishing domains, the company said it found about 40 fake apps in the Google Play Store, more than 90 potentially compromised accounts on Qatar’s Hayya fan ID app, as well like dozens of fake social media accounts, mobile apps and ads.
An example: Scammers set up a fake website aimed at selling national team t-shirts, hyping it up with 130 ads on social media marketplaces. When a visitor enters their bank card details, scammers make money with the victim’s money and possibly even their card information.
CloudSEK also has some math. The 2018 FIFA World Cup was subjected to 25 million cyberattacks daily, the company said.
Financially motivated hackers are doing things like selling fake Hayya tokens needed to enter the stadium on match day, or offering fake “World Cup tokens” and “World Cup coins” and advertising them. Report them as limited edition cryptocurrencies.
- The latter idea seems to be taking advantage of the fact that Crypto.com is the official event sponsor. Likewise, Binance has partnered with soccer star cristiano ronaldo to promote football-themed non-fungible tokens.
Hacktivists are also active this yearthe company said.
“The World Cup has attracted the attention of hacker groups, who have used social media to rally their followers and allies to boycott Qatar’s 2022 FIFA World Cup,” according to CloudSEK. “Messages from groups like Anonymous have also been posted on cybercrime forums calling for other threat actors to assist them.”
The company’s report says some attackers are focusing on distributed denial-of-service attacks that flood a website with fake traffic. Those attacks are not as destructive as other types of cyberattacks, but they can annoy people trying to access a website. Hackers advocates say they are concerned about human rights violations in Qatar.
China uses surveillance as part of anti-covid crackdown
In trying to quell covid-related protests, the Chinese government is using its “comprehensive surveillance system”. The Wall Street Journal Rachel Liang and Brian Spegele report. Officials appear to be using cell phone data and other tools to track protesters and organizers.
Police in Shanghai and Beijing checked the phones of people near the protest sites to see if they had the Telegram app or virtual private network on their phones, according to a WeChat post by Qu Weiguo, Professor of English at Fudan University in Shanghai. colleague Lyric Li reported today. Protesters have used such services to avoid censorship.
White House press secretary Karine Jean-Pierre said she did not have any new information on whether the administration plans to help Chinese internet users bypass China’s “Great Firewall”. In September, the Biden administration offered to help protesters in Iran seeking to evade censorship and surveillance.
South Dakota contractors and employees banned from using TikTok on government devices
The ban was introduced in an executive order that the Governor of South Dakota. Kristi L. Noem (R) signed on Tuesday, the Related press‘ Stephen Groves reported. It comes as Washington is scrutinizing the short-form video app for surveillance and propaganda concerns.
“The Chinese Communist Party uses the information it collects on TikTok to manipulate the American people, and it collects data from devices accessing the platform,” Noem said in a statement. TikTok owner ByteDance did not respond to AP’s request for comment on Noem’s statement and the ban, but TikTok executives Vanessa Pappa previously said that the company protects the data of US users and that Chinese government officials do not have access to the data.
South Dakota’s ban comes as TikTok and a US government committee with powers to block international deals are working to reach a potential deal. The US military has similarly banned TikTok on military government devices.
Twitter no longer enforces covid-19 misinformation policy, company says
Since introducing a policy against covid misinformation in 2020, Twitter suspended more than 11,000 accounts and removed more than 100,000 content for policy violations. Now the company is ending the ban, in the following latest axis by Elon Musk Twitter acquisition.
The change has worried some public health experts, who say it could discourage some people from getting vaccinated. Taylor Lorenz report. At the same time, patrolling what content violates policies is a challenge for Twitter, which has been criticized for censoring some content that turns out to be true.
“However, Twitter has also struggled to police misinformation accurately, and recently started labeling certain facts about covid as misinformation and banning scientists. and researchers trying to warn the public about the long-term effects of covid on the body,” Taylor wrote. “Since last weekend, numerous tweets promoting anti-vaccination content and covid misinformation remain on the platform.”
No answers on Pegasus hacking scandal as Spanish spy chief goes silent (Euronews)
NHS Palantir deal poses legal threat from patient groups (Bloomberg News)
UK Parliament opens investigation into national security strategy around ransomware (The Record)
TSA considers use of third-party evaluators in upcoming pipeline regulations (NextGov)
DOD wants online apprenticeships for contractors, but acquisition regulations may still be an obstacle (FCW)
- Deputy National Security Advisor Anne NeubergerGovernor of Maryland Larry Hogan (right), Director of the National Institute of Standards and Technology Laurie Locascio and other officials speak at the Quantum World Congress in Washington on Wednesday and Thursday.
- National Network Director Chris InglisCEO of CISA Wales and Neuberger speak at the meeting of the National Security Telecommunications Advisory Committee on Thursday at 3:30 p.m
Thanks for reading. See you tomorrow.