Gold is flowing in Olympic cybercrime
Posted by: GuidePoint Security
Published: July 27, 2021, 11:35am
Olympic athletes aren’t the only individuals raking in the gold, silver, and bronze. Cybercriminals are in on the competition as well, engaging in a wide range of scams with the intent to cash in on the Tokyo Olympics.
Threats recently discovered by cybersecurity professionals include fake websites offering streaming services for a fee, phishing attacks, tickets to events that don’t exist, and even a fake Olympic virtual currency in the form of a so-called Olympic Games Official Token. The website selling the token claims the proceeds will fund Olympic athletes. However, no such fund exists and the money goes directly to the scammer.
In addition, there are numerous phishing pages disguised to look like official Olympic pages but, in reality, are designed to steal victim credentials.
Security professionals are also warning that cyberattacks during the Olympics are likely with the possibility of attacks on video feeds. In a recent Private Industry Notification (PIN), the FBI warned of potential distributed denial of service (DDoS) attacks, ransomware, social engineering, phishing, and insider threats explicitly designed to “block or disrupt live broadcasts of the event, steal and possibly hack and leak or hold hostage sensitive data, or impact public or private digital infrastructure supporting the Olympics.”
Next Steps
Internet service providers and other associated partners and organizations are urged to maintain business continuity of operations (COOP) plans to minimize any potential service disruptions. Security professionals also encourage regular network monitoring and reviewing or establishing security policies, user agreements, and patching plans.
GuidePoint Security