So naturally, you can expect hackers to try to destroy everything.
Two reports this week shed light on the extent to which cyberattacks are derailing the event.
- Security researchers identified 16,000 fraudulent domains using FIFA World Cup 2022 branding, cyber firm Group-IB said in its report on Tuesday.
- Cybercriminals are turning to a variety of scams, from selling fake tickets to fake crypto tokens, linked to the World Cup, cybersecurity firm CloudSEK said in its report on Tuesday.
“The hype and popularity of the FIFA World Cup has attracted audiences from all over the world. And this in turn attracts a variety of cybercriminals who want to exploit the various fan followings and participating organizations to make a quick buck,” the CloudSEK report states. “Cybercriminals are motivated by financial gain, ideology or geopolitical affiliations.”
These two pieces of research capture just a fraction of the cybersecurity fears surrounding the World Cup. Some of the concerns are specific to this year’s host, Qatar, a nation that has drawn increasing concern from US officials in recent years over its surveillance efforts. European security regulators recently warned against downloading Qatar World Cup apps, saying they pose significant privacy risks.
The research by Group-IB and CloudSEK follows other warnings from the cybersecurity industry.
- State-sponsored hackers who focus on intelligence gathering “are likely to find the 2022 FIFA World Cup a rich environment for cyberespionage and surveillance targets against foreign dignitaries and businessmen alike,” Recorded Future warned this month. However, the firm said it did not expect disruptive attacks on the event from foreign-backed hackers.
- Also this month, Digital Shadows drew attention to some of the same types of scams that Group-IB and CloudSEK did. Kaspersky, meanwhile, drew attention to fake match streaming services, among other threats.
- The volume of malicious emails in Arab countries increased 100 percent in October, according to Trellix observations. “It is a common practice for attackers to use important/popular events as part of social engineering tactics and specifically target organizations dealing with [the] most promising event and victim[s] for the attack” Daksh Kapur AND Sparsh Jain wrote for the company.
Nearly 3.6 billion people watched the World Cup in 2018, FIFA said. This accounted for more than half of the globe’s population aged 4 and over.
Group-IB counted other numbers. In addition to the 16,000 fraudulent domains, the firm says it discovered about 40 fake apps on the Google Play Store, more than 90 potentially compromised accounts on Qatari fan ID app Hayya, as well as dozens of fake social media accounts, mobile apps and advertising.
One example: Fraudsters created a fake merchandise website that purported to sell national team T-shirts, injecting it with 130 ads on social media marketplaces. When a visitor enters their bank card details, the fraudsters make off with the victims’ money and possibly their card information.
CloudSEK also had some math. The 2018 FIFA World Cup was subjected to 25 million daily cyberattacks, the company said.
Financially motivated hackers are doing things like selling fake Hayya cards needed to enter a stadium on game day, or offering fake “World Cup Tokens” and “World Cup Coins” and promoting them as limited edition cryptocurrencies.
- The latter idea seems to be taking advantage of the fact that Crypto.com is an official event sponsor. Likewise, Binance has teamed up with the soccer star Cristiano Ronaldo to promote non-exchangeable football themed tokens.
Hacktivists have been active this year as wellthe company said.
“The World Cup has attracted the attention of hacktivist groups, who have used social media to rally their followers and allies to boycott the 2022 FIFA World Cup Qatar,” according to CloudSEK. “Messages from groups such as Anonymous have also been posted on cybercrime forums to call on other threat actors to support them.
Some of the hacktivists are focused on distributed denial-of-service attacks that flood a website with fake traffic, the company’s report said. These attacks are not as destructive as other types of cyberattacks, but they can be frustrating for people trying to access websites. Hacktivists say they are concerned about human rights violations in Qatar.
China uses surveillance as part of crackdown on Covid protests
As it tries to quell Covid-related protests, the Chinese government is using its “widespread surveillance system”. Wall Street Journal’s Rachel Liang and Brian Spegele reported. Officials appear to be using cellphone data and other tools to track protesters and organizers.
Police in Shanghai and Beijing checked the phones of people near the protest sites to see if they had the Telegram app or virtual private networks on their phones, according to a WeChat post by Qu Weiguo, a professor of English at Fudan University in Shanghai. colleague Lyric Li reported today. Protesters have used such services to avoid censors.
White House press secretary Karine Jean-Pierre said she had no new information on whether the administration planned to help Chinese Internet users bypass China’s “Great Firewall.” In September, the Biden administration offered aid to Iranian protesters seeking to evade censorship and surveillance.
South Dakota state contractors and employees banned from using TikTok on government equipment
The ban came with an executive order that the Governor of South Dakota. Kristi L. Noem (R) signed on Tuesday, at Associated PressStephen Groves reports. It comes at a time of Washington’s new review of the short-form video application over surveillance and propaganda concerns.
“The Chinese Communist Party uses the information they collect on TikTok to manipulate the American people, and they collect data from devices that access the platform,” Noem said in a statement. TikTok owner ByteDance did not respond to AP’s request for comment on Noem’s statement and the ban, but TikTok’s chief operating officer Vanessa Pappas has previously said the company protects the data of its US users and that Chinese government officials do not have access to the data.
The South Dakota ban comes as TikTok and a US government committee with the power to block international deals work on a possible deal. The US military has similarly banned TikTok on government troop devices.
Twitter no longer enforces Covid-19 misinformation policy, company says
Since introducing its anti-Covid disinformation policy in 2020, I tweet has suspended more than 11,000 accounts and removed more than 100,000 pieces of content for policy violations. Now the company is ending the ban, in its latest pivot behind of Elon Musk Twitter acquisition.
The change has worried some public health experts, who say it could discourage some people from getting vaccinated. Taylor Lorenz reports. At the same time, policing content that violates the policy was a challenge for Twitter, which had been criticized for censoring some content that turned out to be true.
“However, Twitter has also struggled to accurately control misinformation and recently began labeling some factual information about Covid as misinformation and banning scientists and researchers who tried to warn the public about the long-term damage of Covid on the body,” Taylor writes. . “As of last weekend, many tweets promoting anti-vaccine content and anti-Covid disinformation remained on the platform.”
No answers on Pegasus hacking scandal as Spanish spy chief remains silent (Euronews)
NHS Palantir deal draws legal threat from patient groups (Bloomberg News)
UK Parliament launches national security strategy inquiry into ransomware (The Record)
TSA Considers Use of Third-Party Evaluators in Future Pipeline Regulations (NextGov)
DOD wants cyber internships for contractors, but acquisition rules may remain a stumbling block (FCW)
- Deputy National Security Advisor Anne NeubergerGovt. Maryland. Larry Hogan (R), Director, National Institute of Standards and Technology Laurie Locascio and other officials speak at the World Quantum Congress in Washington on Wednesday and Thursday.
- National Cyber Director Chris Inglisexecutive director of CISA Brandon Wales and Neuberger speak at a National Telecommunications Security Advisory Committee meeting Thursday at 3:30 p.m.
Thanks for reading. See you tomorrow.