The government is hiring an additional 55 000 police officers, boosting the force by 15% to meet any security threat to the 2010 Fifa World Cup. Helicopters, water cannons, and 100 patrol vehicles will also be used to beef up security, according to Danny Jordaan, chief executive of the organising committee. He is on record as saying that fans can expect a “safe and secure” World Cup tournament.
While there is no reason to doubt his words, or that the government has done its best to counter any possible physical threat - from hooligans flinging beer bottles at the players to riots in the streets and even nuclear terrorism - there is one area that seems to have escaped close attention: IT security.
With World Cup fans comprising the largest sporting community on the planet - 400 million viewers are expected to watch the final live on TV - it is an appealing target for spammers, scammers and malware distributors.
Soccer madness
Undoubtedly, soccer fans will send and receive significantly more e-mails and instant messages than usual during the World Cup. This upsurge in activity will spawn an increase in the volume of World Cup-themed viruses, phishing expeditions and denial-of-service attacks in the coming weeks and months.
Security consultants are warning corporate IT departments to take proactive, preventive measures to protect their networks from this new form of soccer hooliganism, which is expected to impact more than one billion people globally by the time the World Cup champions are crowned at Soccer City in July 2010.
The first World Cup-related spam e-mails are already doing the rounds. One is designed to plant a nasty piece of malware called Bredolab in victims' PCs. Bredolab is in fact a Trojan designed to increase the number of PCs in botnets.
The first World Cup-related spam e-mails are already doing the rounds.
Andy Robb is CTO at Duxbury Networking.
A botnet is a roBOT NETwork of compromised computers that is used to create and send spam or viruses on a large scale or flood networks with messages in denial-of-service attacks. The already-thriving botnet business of selling lists of compromised computers to hackers and spammers can be expected to boom around World Cup time.
Bolster the defence
What defensive strategies can organisations bring to bear to counter these threats?
The first step is to introduce a filter to eliminate (or quarantine) e-mails that reference the World Cup and, at the same time, install new virus filters that incorporate the latest updates on worms and Trojans.
Other suggestions include the banning of Web surfing and linking to (often bogus, malware and spyware spreading) World Cup sites by staff members.
For similar reasons, block images sent from camera phones and be wary of social networks. Twitter, Facebook, LinkedIn and others will be used by cyber villains who will continue to be drawn to these platforms like moths to a flame, because they are used daily by many millions of people.
While these social networks deliver measurable business benefits - and their blocking during World Cup time will be out of the question for many companies - the challenge to find an appropriate balance between security and usability remains.
A key problem with social networking in the business arena is the ease with which users are capable of sharing sensitive company information along with the latest soccer news. Cyber criminals are well aware of this tendency and view these sites as ideal for the launch of phishing scams.
They work like this: the target will be sent a message that appears to be coming from a Facebook friend. Within the messages is a URL said by the 'friend' to contain scoops on Milan Jovanovic, Bruno Alves, Patrick Helmes or one of the new breed of soccer stars.
In reality, the link will take the victim to a Web site that automatically downloads malware onto his or her PC. The malware then goes off in search of any valuable data stored on the PC or the company network.
Unfortunately, there is no technological 'quick fix' for social networking insecurity. The problems are generally cultural in nature and will require many hours of education to resolve. Regrettably, kick-off is just days away.
Share