June 13: FIFA fans beware: If you attend the World Cup, and plan to take any form of computer or device with you, you are likely to be hacked. In fact, 72% of cybersecurity professionals anticipate an attack during the World Cup, which takes place in Russia over the next month.
William Evanina, Director of the National Counterintelligence and Security Center, issued a statement to Reuters earlier today, stating no attendee, whether there in an official or spectator capacity, is too insignificant a target. Evanina further advises attendees that if they absolutely must take a device, to take one that is not their usual device (ie: a “burner” device) and to remove the battery when not in use. British officials are also issuing the same warnings to their own attendees and players.
If you’re planning on taking a mobile phone, laptop, PDA or other electronic device with you — make no mistake — any data on those devices (especially your personally identifiable information) may be accessed by the Russian government or cyber criminals.
– William Evanina, Director, National Counterintelligence and Security Center
In related news, the official streaming app for Spain’s La Liga soccer division has admitted to spying on its users. According to Spanish newspaper El Diario, the app maker claims the app, which has over 10 million downloads in the Google Play store, enables the microphone to be turned on when a user enters a bar, in an effort to discover if the venue is illegally streaming a match.
La Liga is claiming the issue only affected users in Spain, and only those who opted in to allowing the app to access their device’s microphone and gather GPS data. However, this opt-in was tied to the apps privacy policy and was enabled when users accepted the terms and conditions for using the app (who really reads the small print right?). La Liga justified its actions by claiming the illegal streams have cost the league over 150 million Euros, and claims they only gather statistical, not personal data. According to the newly implemented GDPR however, these sorts of practices are now illegal.
Special Note: As the World Cup continues, The Rysk Group will update their original post with any relevant information on cybersecurity incidents and news.
Leave a Reply