Russia Fends Off 25 Million Cyber-Attacks During World Cup

Russia Fends Off 25 Million Cyber-Attacks During World Cup

Russia prevented nearly 25 million cyber-attacks and other criminal acts during the football World Cup, according to the Kremlin. The Moscow Times reported that Russian President Vladimir Putin praised the world of the country's security forces, along with international cooperation, ensuring a safe tournament. 

“I expect that your close and constructive interaction will continue and will contribute to ensuring the security of our states and our citizens in the future,” Putin was cited as saying.

Ahead of the World Cup, a cooperation center staffed by law enforcement officers from 34 countries was opened to monitor potential fan violence. Facilitating coordination between officers from 32 countries – those which qualified for the tournament – the center hosted at least six British police officers, and the hosts of the next World Cup 2022, Qatar.

A survey conducted by Lastline at Infosecurity Europe 2018, found that 72% of security professionals believed an attack was likely during the World Cup given the fact that attacking high-profile international events is trending among cyber-criminals.  

During the World Cup, many organisations have come forward warning of potential risks to attending and non-attending fans. Researchers from McAfee warned fans to be wary of malicious apps and phishing emails created to specifically target football supporters. According to the alert issued last week: "Some fans have looked to the “Golden Cup” app to stream data and records from past and present games, not knowing that cybercriminals have also used the app to install spyware on devices of unsuspecting fans. 

"This threat campaign, called Android/FoulGoal.A, looks like a typical sporting app with general information and background around the games. However, in the background and without user consent, the app silently transfers information to cybercriminals, including victims’ phone numbers, installed apps, device model, and manufacturer, available internal storage capacity, and more."

It has also been reported that around 100 Israeli military individuals fell victim to a honeypot attack that came in the form of a malicious World Cup score tracking app and two fake online dating apps. They were available on Google Play. 

David Grout, Southern Europe Technical Director, FireEye, said that while the numbers quoted by President Putin are high, they are not unexpected: "Vladimir Putin’s statement that government security services have thwarted 25 million cyber-attacks linked to the FIFA World Cup may seem like a surprisingly high number, but not necessarily for those who work in the field. Every major event, whether sporting, political or otherwise, are likely to attract cyber attacks. The 2018 World Cup is no exception. Before the competition had even started there was evidence of Phishing attacks.

"This included phishing attacks that started several weeks before the tournament and carried on throughout," he explained. "These campaigns use several levers such as low-cost ticket offers, the chance to win a trip to Russia, promotions for items related to the World Cup (national team jerseys, mugs featuring players etc). The main goal in this type of attack is to recover your banking information and force you to go through with the transaction to get the card number information, expiration date and also CCV.

"There were also risks from state-sponsored groups attempting to destabilse the IT and EO infrastructure used during the World Cup. Historically we’ve seen an acceleration of attacks and leaks of information trying to discredit the actions of an organisation tied to an event, the most notorious example being the APT28 campaign against the world anti-doping agency (WADA)."

Source: Information Security Magazine