Credit to Author: Christopher Boyd| Date: Wed, 28 Jul 2021 16:52:56 +0000
The 2020 Olympics are, after a bit of a delayed start, officially in full swing. So too is the possibility for scammers to crawl out of the woodwork. And while actual, measurable cyberrattacks and hacks surrounding The Olympics did not truly get rolling until 2008 in Beijing, The Olympic games have traditionally been quite the target for malicious acts of all kinds, dating back years. Shall we take a look?
No sign of cyberattacks yet. A disaster is alluded to, but the disaster in question is down to slow websites for surfers, and faulty data transmission at the event itself. People getting up to mischief? Not so much.
You may (or may not!) remember Sydney being referred to as “The Internet Olympics”. It was also the first major Olympics event where organizers braced for hacking related impact. I recall quite a lot of articles at the time predicting all manner of doom and gloom scenarios. I’m sure Y2K bug fever didn’t help douse the fires of suspicion that things were about to go awry.
As it turns out, things did not go awry. A non-hacked games were enjoyed by all. Phew.
2002 Salt Lake City
By the time of the 2002 Olympics, experts responsible for locking down the winter event were in good spirits. Nothing happened at the 2000 games, and it seems nothing happened at any earlier events either. Once again, the primary concern outside security was reliability and hoping massively complex networks wouldn’t fall over during the games proper.
The most interesting cyber story in the build up to the 2004 games was an infamous wiretapping incident in Athens. Some folks maintain there’s a strong possibility it was designed to grab all manner of calls from VIPs during the games. We’ll almost certainly never know for sure.
This is spectacular (and you really should click, because it’s hard to put into words what is on view here). As you can see, things still aren’t really all that cyber in Olympics land. That’s about to change, however…
The Beijing Olympics are notable for what may be the first real slice of cyberattacks aimed at the games. Former Chief Executive of the British Olympic Association feared they’d been compromised. A number of sports-related organizations, including various National Olympic Commitees, the World Anti-Doping Agency, and the International Olympic Committee, were all targeted by “Operation Shady Rat,” according to McAfee. While unrelated organizations were also targeted over a five-year period, this definitely isn’t what anybody needs prior to an Olympic games.
An article from the time claims the “English language version” of the Olympics site was apparently compromised and redirected to some sort of loan company portal. However, there are so many official and unofficial sites from the time, it’s difficult to say what exactly that site is. Is it a fan site? A real portal? Did the article typo the URL? I’m not sure, and I can’t find it being mentioned anywhere else. We’re on less shaky ground with this tale of banner color alteration, in which it was claimed that color alterations made to a website were purposeful hacks meant to highlight human rights abuses.
There’s also an incredibly comprehensive run-down of hack-related happenings during the 2008 games here. In just two years, we’ve gone from “not much happening here, is there?” to “RED ALERT, THIS IS NOT A DRILL”. Fake ticket websites, bogus streams, websites belonging to athletes hacked, site defacements, and more.
Away from the official games content itself, people were targeted by other means. All of a sudden we have infectious email attachments, and compromised third-party sites serving up malware. Wherever you looked, there was a threat sprinting into view.
Hacking may have been slow off the blocks, but it was definitely an unofficial event by this point.
I couldn’t really find much for the Vancouver Winter Olympics. The most interesting incident was probably a fake opening ceremonies website serving infections, via promotion from a bogus Twitter account. Not spectacular by any means, but one of the first examples of using Twitter as a jumping-off point for attacks during a major event.
The London Olympics—the one where James Bond and the definitely real Queen jumped out of a helicopter—was a massive splash of malicious activity in internet terms.
By this point, security drills and planning were a major component of the games. I seem to recall reading about Canada doing extensive testing in the build-up to Vancouver, and simulated attacks detailed here were probably building on those efforts. According to that article, China was “subject to about 12 million online attacks per day” during the 2008 games. War-gaming and using “an in-house team of pretend hackers,” as they put it, makes a lot of sense.
Articles warning of dangers mainly focused on search engine poisoning (still a threat back in 2012), fake sites, streaming, and once again Twitter makes an appearance as “one to watch.” There’s also the occasional warning about dubious Wi-Fi hotspots.
In terms of actual attacks which took place, we see the rise of mobile as a way in for Olympics scams. Russian sites hosted Trojans claiming to be official 2012 game apps. Yes, games thrown into the mix alongside mobile. What a combo! Email spam promising free airline tickets to see the games is a timeless social media scam also repackaged for this sporting event. Here, you’d get nothing but survey scams.
Elsewhere, there were threats to power supplies made prior to the opening ceremony. There was also this frankly incredible tale of traffic lights, in which Vanity Fair reported that London manipulated its own traffic light system to change any red lights to green lights for officials who were scouting the city for the initial Olympic bidding process. We’ll save the best for last, and by best I do of course mean worst—an opening ceremony conspiracy theory claiming to foreshadow COVID-19. Because hey, why not.
The “You’re definitely going to be hacked in Russia” framing went into a bit of overdrive during the build up to these particular games. Indeed, that specific story regarding how easy it was to be compromised in Sochi drew a fair amount of heat.
Even much more reserved commentary pieces labelled it a “cyber war zone.” Which is interesting, because the real fireworks would arrive at later events.
2016 Rio de Janeiro
The Rio Olympics had their now traditional opening ceremony of “here come the scams.” We can see clear patterns developing over time as scammers dust off their tried and tested sporting fakeouts.
Fake tickets and lottery winnings start doing their thing. So, too, do fake ticket sites, TV promotions, and even something offering world champion status in the “amorous olympics”! Phishing and bogus domains remained a strong contender for taking the scammer gold medal, with ATM carding grabbing a runner-up spot.
Ransomware put in a less than sporting appearance, via a compromised federation website. The RIG exploit kit was also lying in wait for anyone searching for Rio cake instructions—as in the actual baked dessert—which I must admit, I didn’t see coming.
All things banking are considered a problem point in Brazil in terms of hacks and malware, so there were plenty of warnings for visitors surrounding that too. You’ll notice alongside the mainstay threats there are some new additions beginning to seep in. New techniques and tactics will continue to emerge as we move from event to event. We’ll finish off with 2016 by linking to Anonymous branded attempts to highlight the less entertaining activities happening off camera.
A strong start for Team Cybercriminal as they deploy “Olympic Destroyer,” whose name is if nothing else incredibly accurate as a mission statement. After various threats down the years to interfere with the opening ceremony, the bad people finally get their wish and caused chaos.
We take a quick dip back into mobile land, as more bad apps roll into action. In this case, one app claimed to be a livestream application showing highlights. In reality, the app crashed a lot but displayed a tireless ability to pop adverts without fail.
We round this brief summary off with a worrying slice of alleged nation state attack. US officials claimed that Russian spies compromised multiple computers, and made it look as though North Korea was responsible.
Actually, no. We’ll end this summary with a bit of an epilogue to the games, some months after it had taken place. A very nasty attack there, in which Russian hackers were accused of leaking the private medical information of US Olympians Simone Biles and Venus and Serena Williams, in a reported attempt to downplay the severity of Russia’s involvement in an Olympic doping scandal.
And now we come to the current games held in Japan. Things began early, with Twitter account compromises in February. Picking up where we left off last time, state-backed attacks from Russia were planned before the games were postponed due to the pandemic. We’ve now got the traditional alarms being sounded, but it remains to be seen where the big hits hammer home. There is evidence of malware bouncing around though, in the form of Wiper malware targeting Japanese computers.
People should ensure they’re running the latest version of their operating system, their security software is up to date, and think very carefully where offers, freebies, discounts, streaming, mobile apps, or too-good-to-be-true emails are concerned.
These are tried and tested methods for Olympics scammers, and they’re becoming very good at it. Let’s see if we can make them come in last place for a change.
The post The Olympics: a timeline of scams, hacks, and malware appeared first on Malwarebytes Labs.