Internet Security

Adults To Get Same Online Protection As Kids Says Government

The UK government has announced that, in a move to reinforce digital safety for everyone across the country, it will be expanding the scope of the UK Council for Child Internet Safety (UKCCIS) to cover the adult population too.

What Is The UKCCIS?

Formed in 2008, the UKCCIS is now made up of more than 200 organisations drawn from across government, industry, law, academia and charity sectors that have been working in partnership to help keep children safe online. It has been doing this by running an array of campaigns and forwarding policy proposals that aim to improve the online safety and welfare for children in UK schools and colleges.

Some of the help it gives includes providing advice for dealing with ‘sexting’, proposals for the default filtering of online pornography (2012), tackling race and faith targeted bullying, as well as creating a guide for providers of social media and interactive services with examples of good practice, and creating a guide for parents and carers whose children are using social media.

Scope Widened – Same Protection For All

The plans to expand the UKCCIS were announced in the government’s Internet Safety Strategy green paper in October 2017.

The newly proposed widening of the scope of the activities of the UKCCIS with a view to protecting adults as well as children will enable it to focus on tackling issues like cyber-bullying and sexual exploitation, the spread of radicalism and extremism across the internet, mitigating violence against girls and women, hate crime and hate speech, and any online discrimination that contravenes the Equality Act 2010.

Collaborative Approach

It is thought that a collaborative approach among the expanded number of organisations in UKCCIS and the bringing together of key stakeholders, from the tech giants to the third sector, coupled with the wider scope of the population, should help to bring about a safer online environment for all.

Board Member Applications Invited

The UKCCIS website is currently inviting applications for its Executive Board, a new collaborative forum through which government, the tech community, and the third sector plan to work together to ensure the UK is the safest place in the world to be online. The deadline for applications is 3rd September, and the information and links to the application forms can be found here: https://www.gov.uk/government/groups/uk-council-for-child-internet-safety-ukccis

What Does This Mean For Your Business?

All parents, whether they are business owners or not, would undoubtedly prefer to see the Internet as we know it in the UK, made a much safer place for young people to explore and use. This means that someone / something needs to take responsibility for helping to tackle the risks, and a government-led collaboration of hundreds of organisations seems to be as good a way forward as any at the current time.

With the evolving nature of cyber threats and the fact that all age groups are affected by a variety of unpleasant and criminal activity online, it makes sense that the scope of the UKCCIS should be expanded to help adults too.

The Internet is a place to trade as well as to learn, communicate and interact, and a safer Internet for all can only be good news for businesses.

Departing CEOs Steal Intellectual Property Says Report

A new report by Code42, which surveyed 1,634 senior company employees in the UK, US and Germany, has found that most CEOs take what they regard to be their intellectual property (IP) with them when they leave a company.

It Belongs To Me

Code42’s 2018 Data Exposure Report appears to show what amounts to an admission of theft on a large scale by departing CEOs, with 72% admitting to taking IP with them from previous employers upon joining a new organisation.

The figures from the survey show that the justification for taking the IP with them is a belief that the ideas are their property. For example, 79% of those CEOs surveyed said that they believe their work and ideas simply belonged to them.

My Time Went Into It

Far from thinking that they were on the company’s time (and pay), the report appears to show that most CEOs base their belief in their ownership of IP on the idea that the IP was developed on their time. For example, 59% agreed that their time, not the company’s, went into the end product, and just under half said that they actually felt that they had imparted a bit of themselves into their ideas.

Emotional Threat

The kinds of responses given by the CEOs in the survey appear to indicate, therefore, that emotionally-driven decisions at the highest level can pose a threat to a company’s overall security.

Stored On Personal Device

Even though many employees may be subject to a policy of not storing company information on personal devices, memory sticks etc because of the potential security risk it poses to the company, it seems that most CEOs don’t see themselves as a risk in this way. For example, 93% of CEOs have admitted to keeping copies of their work beyond the remit of their company’s security network e.g. on a personal device or personal cloud storage. 68% of them even agreed that there was a risk to the company in doing so, which indicates that they saw themselves as an exception to a known risk.

Disconnect From Reality

The survey and report highlighted another apparent disconnect from reality as 82% of business leaders appear to believe that IT can protect information it cannot see.

What Does This Mean For Your Business?

The worrying irony of this report is that, while most businesses see threats to their IT and data security as most likely to come from hackers, viruses, employee error and even the actions of disgruntled former employees, one of the biggest threats to a company may, in fact, come from the top.

CEOs are likely to be those who hold all the secrets to a company’s competitive advantage, as well as its financial situation, future strategies, skeletons in closets, and most valuable business relationships, and yet they may see themselves as being above the normal security policies and rules. For all the money, time and effort that a company puts into increasing its cyber resilience, one weak link could be the mistaken attitudes and beliefs of the CEO.

Unfortunately, the authority of CEOs can’t generally be challenged by those further down the company hierarchy, and their behaviour and IT practices may not be monitored and controlled in the same way. This means that their risky behaviour goes unchallenged, and allows them to steal IP in the way they have admitted in the survey.

Part of the value of this kind of survey to businesses is, therefore, to help show how emotional forces can drive risky behaviour, and to help expose possible ‘disconnects’ within an organisation that can create data security vulnerabilities.

Facebook Favours Free Speech Over Fake News Removal

In a recent Facebook media presentation in Manhattan, and despite the threat of social media regulation e.g. from Ofcom, Facebook said that removing fabricated posts would be “contrary to the basic principles of free speech”.

Fake News

The term ‘fake news’ has become synonymous with the 2016 US general election and accusations that Facebook was a platform for fake political news to be spread e.g. by Russia. Also, fake news is a term that has become synonymous with President Trump, who frequently uses the term, often (some would say) to act as a catch-all term to discredit/counter critical stories in the media.

In essence, fake news refers to deliberate misinformation or hoaxes, manipulated to resemble credible journalism and attract maximum attention, and it is spread mainly by social media. Facebook has tried to be seen to flag up and clean up obvious fake news ever since its reputation was tarnished by the election news scandals.

What About InfoWars?

The point was made to Facebook at the media presentation by a CNN reporter that the fact that InfoWars, a site known to have published false information and conspiracy theories, has been allowed to remain on the platform may be evidence that Facebook is not tackling fake news as well as it could.

A Matter of Perspective

To counter this and other similar accusations, Facebook has stated that it sees pages on both the left and the right side of politics distributing what they consider to be opinion or analysis but what others, from a different perspective, may call fake news.

Facebook also tweeted that banning those kinds of pages e.g. InfoWars, would be contrary to the basic principles of free speech.

A Matter of Trust

Ofcom research has suggested that people have relatively little trust in what they read in social media content anyway. The research showed that only 39% consider social media to be a trustworthy news source, compared to 63% for newspapers and 70% for TV.

Age Plays A Part

Other research from Stanford’s Graduate School of Education, involving more than 7,800 responses from middle school, high school and college students in 12 US states, focused on their ability to assess information sources. The results showed a shocking lack of ability to evaluate information at even as basic a level as distinguishing advertisements from articles. When you consider that many young people get their news from social media, this shows that they may be more vulnerable and receptive to fake stories, and their wide networks of friends could mean that fake stories could be quickly and widely spread among other potentially vulnerable recipients.

Although Facebook is known to have an older demographic now, many young people still use it. Facebook has also tried to launch a kind of Facebook for children to attract more young users, and it owns Instagram, partly as a means to try and mop up young users who leave Facebook. It could be argued, therefore, that Facebook and other social media platforms have a responsibility to regulate some content in order to protect users.

What Does This Mean For Your Business?

Fake news stories are not exclusive to social media platforms, as the number of retractions and apologies in newspapers over the years is testament. The real concern has arisen about social media, and Facebook particularly, because of what appears (allegedly) to have been the ability of actors from a foreign power to use fake news on Facebook to actually influence the election of a President. Which party and President is in power in the US can, in turn, have a dramatic effect on businesses and markets around the world, and the opportunities that other foreign powers think they have.

Facebook is also busy fighting another crisis in trust that has arisen from news of its sharing of users’ personal data with Cambridge Analytica, and the company is focusing much of its PR effort not on talking specifically about fake news, but about how Facebook has changed, why we should trust it again, and how much it cares about our privacy.

Meanwhile in the UK, Ofcom chief executive Sharon White, has clearly stated that she believes that media platforms need to be “more accountable” in their policing of content. While this may be understandable, many rights and privacy campaigners would not like the idea that free speech could be influenced and curbed by governments, perhaps to suit their own agenda. The arguments continue.

First Blockchain ‘Cryptocurrency’ Smartphone

Taiwanese electronics company Huawei Technologies Ltd. (HTC), and Swiss-based Sirin Labs are both introducing blockchain smartphones.

HTC

HTC’s Exodus blockchain smartphone, which it is believed will be priced at around $1,000, is reported to have “tens of thousands” of reservations globally. The smartphone, from the world’s third largest phone manufacturer, will be released this year, will come with a built-in (offline) wallet for storing cryptocurrencies, and will act as a computer node in a blockchain network.

What Is Blockchain?

Blockchain is an incorruptible peer-to-peer network (a kind of ledger) that allows multiple parties to transfer value in a secure and transparent way. Blockchain’s Co-Founder Nic Cary describes Blockchain as being like “a big spreadsheet in the cloud that anyone can use, but no one can erase or modify”. Blockchain is the technology at the heart of cryptocurrencies like bitcoin, is open-source, and free.

Why A Blockchain Phone?

Giving a phone a blockchain element means that it has access to blockchain applications such as a crypto wallet, secure exchange access, encrypted communications and a P2P resource sharing ecosystem for payment and apps. It can also be used for cryptocurrency mining.

The built-in wallet for the HTC phone for example, will enable it to store bitcoin, Ethereum and other digital tokens.

Sirin Labs – The Finney Phone

The other blockchain smartphone, which is likely to be launched after HTC’s, is the ‘Finney’, named after the late bitcoin pioneer Hal Finney.

This smartphone, which also has a $1,000 price tag, has been described as an “ultra-secure blockchain smartphone”, and has been specifically designed to get around what Sirin Labs believe to be 2 main obstacles to mass market acceptance – security and user experience.

Sirin Labs even launched an initial coin offering / ICO (crowd funding from early backers of tokens for a new cryptocurrency) to fund the Finney. This resulted in over $157 million being raised.

The Big Advantage – The OS

Sirin claims that its big advantage with the Finney is not so much the phone, but more the Operating System (OS) that it claims, thanks to partnerships it is making, will soon be included in phones by other top OEM phone developers.

Security

In terms of how secure the phones are, the main question will be how both companies will keep sensitive cryptocurrency data secure. For example, unless a phone is in flight mode, there’s always a connection of some kind, and that offers a lot more attack surfaces than something like a USB stick that’s only occasionally connected.

Niche Product For Rich Enthusiasts?

Some critics have said that a blockchain smartphone is too much of a niche product that may just appeal to enthusiasts and speculators rather than a mass market, and that most people may struggle to understand what blockchain is and how / why they should use cryptocurrencies.

What Does This Mean For Your Business?

For HTC, many see this as being a way for the company to find a way back into the smartphone market, where it’s been struggling in recent times, but this time with a differentiated product that is a market first, ahead of competitors.

For Sirin Labs, it could also be a way to get into a new section of the market ahead of the competition, but many are sceptical as to whether the Finney will get the mass market acceptance that Sirin Labs hopes.

Most business people in the UK, for example, may be unlikely to see why they would need a blockchain phone with a crypto-currency wallet as part of their daily working life. If they’re going to spend £1,000+, they may be more likely to opt for new models of more familiar phones with more standard features e.g. iPhone or Samsung Galaxy.

Google Chrome’s New ‘Site Isolation’ Security Feature Activated

The new ‘Site Isolation’ security feature for Google’s Chrome browser has been switched on, and could protect users from log-in credentials theft.

Decade-Long History

The newly switched-on feature actually has a decade-long history in the making. It has been reported that Google invested those engineer-years, mostly in the last 6 years, along with a lot of money, in producing a defence-in-depth (DiD) feature that is now an essential defence against a prolific class of attack.

What Does Site Isolation Do?

It has recently been discovered that all modern chips / processors have security vulnerabilities in them that can contribute to the success of ‘data leakage’ attacks. These vulnerabilities, dubbed Spectre and Meltdown (Meltdown only on Intel chips), can be used by hackers to steal passwords or other confidential data from computers and mobile devices through popular web browsers like Chrome, Internet Explorer, Firefox, and Safari for Macs or iOS.

With Site Isolation enabled, each renderer process contains documents from a maximum of one site, which means that all navigations to cross-site documents cause a switch in processes, and all cross-site iframes are put into a different process than their parent frame. This ‘isolation’ of the processes provides effective protection against data leakage attacks like Spectre, which means that the vast majority of Chrome users are now theoretically safer from this one kind of attack. It has also been reported that work is underway to protect against attacks from compromised renderers.
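
A simplified model of the process assignment described above, as an added example that is not Chrome's own code. It assumes a site is the scheme plus registrable domain, uses a constructed two-entry suffix set in place of the full Public Suffix List, and runs over a constructed frame tree with made-up URLs.

```python
from urllib.parse import urlsplit

# Constructed two-entry stand-in for the Public Suffix List (assumption);
# real code would load the full list.
MULTI_LABEL_SUFFIXES = {"co.uk", "org.uk"}


def site_of(url):
    """Site = scheme + registrable domain, so subdomains share one site."""
    parts = urlsplit(url)
    labels = (parts.hostname or "").lower().split(".")
    # Keep three labels when the last two form a public suffix, else two.
    keep = 3 if ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES else 2
    return f"{parts.scheme}://{'.'.join(labels[-keep:])}"


def assign_processes(root):
    """Walk a frame tree and place each site in its own renderer process.

    Returns (url, site, process_id, switched) per frame in document order;
    `switched` is True when a frame runs in a different process from its parent.
    """
    process_of_site = {}
    rows = []
    stack = [(root, None)]
    while stack:
        frame, parent_pid = stack.pop()
        site = site_of(frame["url"])
        # First time a site is seen it gets the next free process id.
        pid = process_of_site.setdefault(site, len(process_of_site) + 1)
        switched = parent_pid is not None and pid != parent_pid
        rows.append((frame["url"], site, pid, switched))
        for child in reversed(frame.get("children", [])):
            stack.append((child, pid))
    return rows


# Constructed sample page: a top-level document with three iframes,
# one of which embeds a further cross-site frame.
PAGE = {
    "url": "https://www.shop.example/checkout",
    "children": [
        # Different origin, same site: stays in the parent's process.
        {"url": "https://static.shop.example/widget"},
        # Cross-site iframe: moved to its own process.
        {
            "url": "https://pay.bank.co.uk/frame",
            "children": [{"url": "https://ads.tracker.example/pixel"}],
        },
        # Same host but different scheme: treated as a different site here.
        {"url": "http://www.shop.example/legacy"},
    ],
}

if __name__ == "__main__":
    for url, site, pid, switched in assign_processes(PAGE):
        note = "process switch" if switched else "same process as parent"
        print(f"process {pid}  {site:<24} {url}  ({note})")
```

The boundary is the site, not the origin: the `static.` subdomain shares a process with the checkout page, so isolation does not separate two subdomains of the same registrable domain from each other.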

It Does Sap Some Memory

One of the trade-offs that Google has had to make in order to make this feature effective is greater resource consumption. With Site Isolation on, there is a 10-13% total memory overhead in real workloads due to the larger number of processes. Google is reported to be working on trying to reduce the memory burden.

Even 10-13% is good compared to the 20% memory overhead that was being used when Chrome 63 debuted with Site Isolation.

Not Android Yet – But Soon

Site Isolation is scheduled to be included in Chrome 68 for Android but reports indicate that Google is still working on resource consumption issues before that can be rolled out.

What Does This Mean For Your Business?

The switching on of this feature is, of course, good news for businesses, as it is an additional, free way to strengthen cyber resilience against a popular kind of attack that could have serious consequences. This is of particular importance when businesses are trying to do everything possible to achieve and maintain compliance with GDPR.

Up until now, all businesses have heard is that all modern processors have security flaws in them, and that software patching is the only real answer. Back in May, another 8 flaws, in addition to Spectre and Meltdown, were discovered in processors, dubbed Spectre Next Generation (Spectre NG). At least the switching-on of this Chrome feature is one tangible step in the journey to patch these vulnerabilities before cyber-criminals manage to exploit them all. Hopefully, more, similar features will be introduced across other browsers in the near future.

Cambridge Analytica Re-Born

A new offshoot of Cambridge Analytica, the disgraced data analysis company at the heart of the Facebook personal data sharing scandal, has been set up by former members of staff under the name ‘Auspex’.

Old Version Shut Down

After news of the scandal, which saw the details of an estimated 87 million Facebook users (mostly in the US) being shared with CA, and then used by CA to target people with political messages in relation to the last US presidential elections, CA was shut down by its parent company SCL Elections. CA is widely reported to have ceased operations and filed for bankruptcy in the wake of the scandal.

Ethical This Time

Auspex, which (it should be stressed) is not just another version of CA, but is likely to carry on the same kind of data analysis work, has been set up by Ahmed Al-Khatib, a former director of Emerdata which was also set up after the Cambridge Analytica scandal. Mr Al-Khatib has been reported as saying that Auspex will use ethically based, data-driven communications with a focus on improving the lives of people in the developing world.

Middle East and Africa

The markets in the developing world that Auspex will initially be focusing on are the Middle East and Africa, and the kinds of ethical work that it will be doing, according to Auspex’s own communications, are health campaigning and tackling the spread of extremist ideology among a disenfranchised youth.

Compliant

Auspex has been quick to state that it has made changes and that it will be fully compliant from the outset, thereby hoping to further distance itself from its murky origins in CA.

Personnel

One thing that is likely to attract the attention of critics is that, not only is Mark Turnbull, the former head of CA’s political division the new Auspex Managing Director, but that the listed directors of the new company include Alastair Harris, who is reported to have worked at CA, and Omar Al-Khatib is listed as a citizen of the Seychelles.

What Does This Mean For Your Business?

The Cambridge Analytica and Facebook scandal is relatively recent, and the ICO have only just presented their report about the incident. For many people, it may not feel right that personnel from Cambridge Analytica can appear to simply set up under another name and start again. Critics can be forgiven for perhaps not trusting statements about a new ethical approach, especially since Mark Turnbull appeared alongside former CA chief executive Alexander Nix in an undercover film by Channel 4, where Nix gave examples of how his company could discredit politicians e.g. by setting up encounters with prostitutes.

The introduction of GDPR has brought the matters of data security and privacy into sharp focus for businesses in the UK, and businesses will be all too aware of the possible penalties if they get on the wrong side of the ICO.

In the case of the Facebook / Cambridge Analytica scandal, the ICO has recently announced that Facebook will be fined £500,000 for data breaches, and that it is still considering taking legal action against CA’s company directors. If successful, a prosecution of this kind could result in convictions and an unlimited fine.

12 Russian Intelligence Officers Charged With Election Hacking

Even though, in an interview this week, President Trump appeared to absolve Russia of election interference (since retracted), the US Department of Justice has now charged 12 Russian intelligence officers with hacking Democratic officials in the 2016 US elections.

The Allegations

It is alleged by the US Justice Department that, back in March 2016, in the run-up to the presidential election campaign which saw Republican Donald Trump elected as president, the Russian intelligence officers were responsible for cyber-attacks on the email accounts of staff for Hillary Clinton’s Democrat presidential campaign.

Also, the Justice Department alleges that the accused Russians corresponded with several Americans (but not in a conspiratorial way), used fictitious online personas, released thousands of stolen emails (beginning in June 2016), and even plotted to hack into the computers of state boards of elections, secretaries of state, and voter software.

No Evidence Says Kremlin

The Kremlin is reported to have said that it believes there is no evidence for the US allegations, describing the story as an “old duck” and a conspiracy theory.

32, So Far

The latest allegations are all part of the investigation, led by Special Counsel Robert Mueller, into US intelligence findings that the Russians allegedly conspired in favour of Trump, and that some of his campaign aides may have colluded.

So far, 32 people (mostly Russians) have been indicted. 3 companies and 4 former Trump advisers have also been implicated.

Trump Says…

President Trump has dismissed allegations that the Russians helped put him in the White House as a “rigged witch hunt” and “pure stupidity”.

In a press conference after his meeting with Russian President Vladimir Putin in Helsinki, however, President Trump caused shock and disbelief when, asked whether he thought Russia had been involved in US election interference, he said “I don’t see any reason why it would be”.

He has since appeared to backtrack by saying that he meant to say “wouldn’t” rather than “would”, and that he accepts his own intelligence agency’s findings that Russia interfered in the 2016 election, and that other players may have been involved too.

What Does This Mean For Your Business?

Part of the fallout of the constant struggle between states and super-powers is the cyber attacks that end up affecting many businesses in the UK. Also, if there has been interference in an election favouring one party, this, in turn, affects the political and economic decisions made in that country, and its foreign policy. These have a knock-on effect on markets, businesses and trade around the world, particularly for those businesses that export to, import from, or have other business interests in the US. Even though, in the US, one of the main results of the alleged electoral interference scandal appears to have been damaged reputations and disrupted politics, the wider effects have been felt in businesses around the world.

These matters and the links to Facebook and Cambridge Analytica have also raised awareness among the public about their data security and privacy, whether they can actually trust corporations with it, and how they could be targeted with political messages which could influence their own beliefs.

$13.5 Million In Customer Tokens Lost To Bancor Hackers

Hackers are reported to have stolen $13.5 million of user crypto-currency tokens from the Israeli start-up and decentralized crypto-currency trading platform Bancor.

What Happened?

It has been reported that on Monday, hackers were able to access and compromise a wallet on the Bancor platform that is used to upgrade smart contracts. These smart contracts have been likened to digital vending machines which manage crypto-currency transactions so there is no need for a middle-man.

This compromised wallet was then used by the hackers to steal different types of crypto-currency tokens from Bancor’s customers. The stolen tokens are reported to comprise 24,984 ($12.5 million) in Ethereum tokens, and 229,356,645 NPXS (approx. $1 million).

The total loss in the hack would have included an extra 3,200,00 of Bancor’s own token BNT (approx. $10 million), had Bancor not frozen the $10 million of its own Bancor tokens (BNT) as soon as it found out about the hack.

Bancor, which raised over $150 million in an ICO last year, is reported to have taken its exchange offline while it conducts an investigation of the incident.

Criticism

Following reports of the incident, some commentators have criticised Bancor for advertising itself as decentralized, and yet responding to the hack with strategies like those of a centralised system.

Centralised exchanges have received criticism for demanding large fees up front to list tokens, while not appearing to use those fees to help security, judging by the number and frequency of hacks.

Users of MyEtherWallet Crypto-currency Also Hit By Hack

In the same week as customers of Bancor took a hit from a hack, so did one of the internet’s most popular services for managing crypto-currencies, MyEtherWallet. MyEtherWallet (MEW) is used to access crypto wallets and also to send and receive tokens to and from other wallets.

For the MEW hack, it has been reported that the hackers compromised ‘Hola’ for about 5 hours. Hola is a free VPN that plugs into browsers, and claims to have nearly 50 million users. Compromising Hola meant that any users who navigated to MEW and accessed their wallet with the VPN switched on are likely to be those who fell victim to the hackers.

What Does This Mean For Your Business?

Many businesses and individuals have been deterred from investing in and using crypto-currencies after the bad press surrounding the Bitcoin bubble and the associated crypto-jacking schemes, media reports of multiple hacks to different exchanges / platforms and crypto-currencies, and a general lack of knowledge and confidence about crypto-currencies. The Bancor and MyEtherWallet hacks are just two more indications of the many existing security issues (particularly with centralised systems), and may be two more reasons why businesses may shy away from all things crypto-currency.

The fact is, however, that crypto-currencies could have many advantages for some businesses, such as the speed and ease with which transactions can take place due to the lack of central banking and traditional currency control. Some crypto-currencies e.g. Ripple, are actually products of banks. Crypto-currencies generally mean easier, faster and more convenient cross-border and global trading, but traditional currencies tend to have the backing of assets or promises of assets of some kind. Crypto-currencies, therefore, tend to be less trusted and more volatile in the markets and governments and banks don’t like the fact that they have no real control over them.

In the case of the MEW hack, this is also an example of why it is better to pay for a VPN service rather than use a free one.

AI Creates Phishing URLs That Can Beat Auto-Detection

A group of computer scientists from Florida-based cyber security company, Cyxtera Technologies, are reported to have built machine-learning software that can generate phishing URLs that can beat popular security tools.

Look Legitimate

Using the Phishtank database (a free community site where anyone can submit, verify, track and share phishing data) the scientists built the DeepPhish machine-learning software that is able to create URLs for web pages that appear to be legitimate (but are not) login pages for real websites.

In actual fact, the URLs, which can fool security tools, lead to web pages that can collect the entered username and passwords for malicious purposes e.g. to hijack accounts at a later date.

DeepPhish

The so-called ‘DeepPhish’ machine-learning software that was able to produce the fake but convincing URLs is actually an AI algorithm. It was able to produce the URLs by learning effective patterns used by threat actors and using them to generate new, unseen, and effective attacks based on that attacker data.

Can Increase The Effectiveness of Phishing Attacks

Using Phishtank and the DeepPhish AI algorithm in tests, the scientists found that two uncovered attackers could increase the effectiveness of their phishing attacks from 0.69% to 20.9%, and 4.91% to 36.28%, respectively.

Training The AI Algorithm

The effectiveness of AI algorithms is improved by ‘training’ them. In this case, the training involved the team of scientists first inspecting more than a million URLs on Phishtank. From this, the team were able to identify three different phishing attacks that had generated web pages to steal people’s credentials. These web addresses were then fed into the AI phishing detection algorithm to measure how effective the URLs were at bypassing a detection system.

The team then added all the text from effective, malicious URLs into a Long Short-Term Memory (LSTM) network so that the algorithm could learn the general structure of effective URLs, and extract relevant features.

All of this enabled the algorithm to learn how to generate the kind of phishing URLs that could beat popular security tools.

What Does This Mean For Your Business?

AI offers some exciting opportunities for businesses to save time and money, and improve the effectiveness of their services. Where cyber-security is concerned, AI-enhanced detection systems are more accurate than traditional manual classification, and the use of intelligent detection systems has enabled the identification of threat patterns and the detection of phishing URLs with 98.7% accuracy, thereby giving the battle advantage to defensive teams.

However, it has been feared for some time that if cyber-criminals were able to use well-trained and sophisticated AI systems to defeat both traditional and AI-based cyber-defence systems, this could pose a major threat to Internet and data security, and could put many businesses in danger.

The tests by the Florida-based cyber-security scientists don’t show very high levels of accuracy in enabling effective defence-beating phishing URLs to be generated. This is a good thing for now, because it indicates that most cyber-criminals with even fewer resources may not yet be able to harness the full power to launch AI-based attacks. The hope is that the makers of detection and security systems will be able to use AI to stay one step ahead of attackers.

State-sponsored attackers, however, may have many more resources at their disposal, and it is highly likely that AI-based attack methods are already being used by state-sponsored players. Unfortunately, state-sponsored attacks can cause a lot of damage in the business and civilian worlds.

1 – 0 In England Vs World Cup Hackers

It has been reported that the England football team have been briefed before flying out to their World Cup base in St Petersburg about how they and UK fans can avoid falling victim to Russian hackers.

NCSC Advice

The briefing has been delivered by the National Cyber Security Centre (NCSC), which is part of GCHQ. The advice will focus upon cyber security, e.g. for mobile devices and using Wi-Fi connections safely while in Russia.

The same advice has been included in an NCSC blog post that is aimed at anyone travelling to Russia to watch any of the World Cup games, and is entitled ‘Avoid scoring a cyber security own goal this summer’.

The NCSC suggests that it should be read alongside other UK government online advice pages such as the “FCO Travel Advice” page relating to Russia (https://www.gov.uk/foreign-travel-advice/russia), and the “Be on the Ball: World Cup 2018” pages (https://www.gov.uk/guidance/be-on-the-ball-world-cup-2018).

Why?

Many security experts and commentators have noted that sporting events have become a real target for cyber criminals in Russia in recent times. Russia-based security company, Kaspersky, reported seeing spikes in the number of phishing pages during match ticket sales for this year’s World Cup. Kaspersky reported that every time tickets went on sale, fraudsters mailed out spam and activated clones of official FIFA pages and sites offering fake giveaways, all claiming to be from partner companies.

Kaspersky says that criminals register domain names combining words such as ‘world,’ ‘worldcup,’ ‘FIFA,’ and ‘Russia,’ and that if fans look closely they can see that the domains look unnatural and have a non-standard domain extension. The security company advises that fans should take a close look at the link in the email, or at the URL after opening the site, to avoid falling victim to scammers.
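The manual check described above (event words in the domain, an unusual extension) can be automated for links arriving by email. The following Python is an added example, not code from Kaspersky or the NCSC; the official domain `fifa.com`, the list of "standard" extensions and the sample links are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumptions made for this example (not taken from Kaspersky's report):
OFFICIAL_DOMAINS = {"fifa.com"}                  # assumed official domain
COMMON_TLDS = {"com", "org", "net", "ru", "uk"}  # assumed "standard" extensions
# Words the article says scammers combine; "worldcup" is tried before "world".
KEYWORD_RE = re.compile(r"worldcup|world|fifa|russia")

def hostname_of(url):
    """Lower-cased hostname of a URL; tolerates a missing scheme or userinfo."""
    if "://" not in url:
        url = "//" + url
    try:
        return (urlsplit(url).hostname or "").rstrip(".").lower()
    except ValueError:          # malformed authority, e.g. broken IPv6 brackets
        return ""

def is_official(host):
    """True only for an official domain or a real subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)

def assess_url(url):
    """Return the reasons a URL's host looks like a World Cup lookalike."""
    host = hostname_of(url)
    if not host or is_official(host):
        return []
    words = sorted(set(KEYWORD_RE.findall(host)))
    if not words:
        return []               # unrelated site: outside the scope of this check
    reasons = ["event words in a non-official domain: " + ", ".join(words)]
    if len(words) > 1:
        reasons.append("combines several event words")
    tld = host.rsplit(".", 1)[-1]
    if tld not in COMMON_TLDS:
        reasons.append("non-standard extension: ." + tld)
    return reasons

# Constructed sample links (reserved example/test names, not real indicators).
SAMPLES = [
    "https://www.fifa.com/tickets",
    "http://worldcup-russia-tickets.example/login",
    "fifa.com.giveaway.test/win",
    "https://fifa-worldcup.example.com/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", assess_url(link) or "no lookalike signs")
```

The third sample shows why the official-domain test matches on the end of the hostname: a host that merely starts with `fifa.com` is still flagged.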

The general advice from Kaspersky is to give cheap tickets a wide berth, not to buy goods from spammers in the run-up to kickoff (because the goods may not even exist), not to fall for spam about lotteries and giveaways because they may be used for phishing, not to visit dubious sites offering cheap accommodations or plane tickets, and only to watch broadcasts on official FIFA partner websites.

Kaspersky also advises visitors to use a VPN to connect to the Internet, because, in the aftermath of the government’s attempt to block Telegram, popular sites in Russia are either unavailable or unstable.

England Team’s Briefing

England team manager, Gareth Southgate, has noted that the England team players are young people who will look for things to occupy their time while in hotel rooms, e.g. playing video games, and using multiple devices such as smartphones, tablets and gaming devices. The fact that technology will play a big part in the England team’s downtime throughout the tournament is the main reason why the FA is taking cyber security so seriously.

It is understood, therefore, that the NCSC has been advising the players on the rules to follow on e.g. which devices they can safely use and where. Also, the devices belonging to players and staff will be thoroughly screened to make sure they have the right security software installed.

What Does This Mean For Your Business?

Anyone travelling abroad for business or pleasure, particularly to countries where certain cyber security threat levels are known to be high, should read the UK government’s advice pages relating to cyber security while travelling.

In the case of travelling to Russia for the World Cup, some of the measures people can take before travelling are to check which network you will be using and what the costs are, to make sure all software and apps are up to date and antivirus is turned on, to turn on the ability to wipe your phone should it be lost, and to make sure all devices are password protected and use other security features e.g. fingerprint recognition.

On arriving in Russia, the advice is to remember that public and hotel Wi-Fi connections may not be safe and to be very careful about what information you share over these connections, e.g. banking. Also, don’t share phones, laptops or USBs with anyone, be cautious with any IT-related gifts, e.g. USB sticks, and keep your devices with you at all times if possible rather than leave them unattended.

The full UK government advice can be found here: https://www.ncsc.gov.uk/blog-post/avoid-scoring-cyber-security-own-goal-summer