If you’re going to the FIFA World Cup 2018 in Russia and you’re thinking of taking your laptop or mobile device to the matches, just don’t do it, warned the top U.S. counterintelligence official.
William Evanina, an FBI agent and the director of the U.S. National Counterintelligence and Security Center (NCSC), reportedly told U.S. attendees of the world soccer championships–which begins Thursday in various Russian cities–that they could be targets for state-sponsored hackers and are vulnerable to data theft and other cyber-criminal activity.
“If you’re planning on taking a mobile phone, laptop, PDA or other electronic device with you–make no mistake– any data on those devices (especially your personally identifiable information) may be accessed by the Russian government or cyber criminals,’ Evanina reportedly told Reuters.
The NCSC is part of the Office of the Director of National Intelligence with a mission to protect the United States against intelligence and security threats, including working with third parties on counterintelligence and issuing public warnings about potential threats.
[Listen to: Podcast Episode 88: Inside Russia’s DragonFly Group and How Cyber Crooks Launder Money]
While it’s standard procedure for business travelers to be super-cautious with their mobile devices and laptops in countries like Russia and China due to the cybersecurity threat, an extension of this warning to fans of soccer–the sport those outside of the United States call some variation of “futbol”–seems a bit dramatic.
But Evanina said no tourist or sports fan enjoying a World Cup match is too inconsequential to be a possible target for Russian bad actors.
“Corporate and government officials are most at risk, but don’t assume you’re too insignificant to be targeted,” Evanina told Reuters. “If you can do without the device, don’t take it. If you must take one, take a different device from your usual one and remove the battery when not in use.”
Host country is notorious for cybercrime
Russia is certainly an auspicious location for such a massive global event in terms of cybersecurity, especially since it’s a hotbed of activity at the moment for state-sponsored actors to mount global cybersecurity attacks and spread malicious malware. The NotPetya malware, for example–which wreaked global havoc and caused hundreds of millions of dollars in damages–is believed to be the product of Russian.
Owners of an ever-growing list of routers and network-attached (NAS) storage boxes also are currently feeling the effects of new malware called VPNFilter that also has been linked to Russia. The FBI issued a formal warning about the malware when it was first discovered last month. Last week, Cisco Talos security researchers revealed new findings that VPNFilter continues to spread.
The U.S. government also this week took aim against Russian cybercriminal activity by officially sanctioning five Russian companies and three individuals for their roles in aiding and abetting state-sponsored cyber attacks. All this makes it unsurprising that U.S. officials are urging caution with tourists visiting Russia to attend the World Cup games and festivities.
The U.S. government is not alone in having its reservations over cybersecurity at World Cup. Britain’s National Cyber Security Centre also reportedly issued a warning to the public about cybersecurity at the event. Indeed, such warnings from U.S. and other foreign governments are commonly issued before large sporting or entertainment events held in countries where cybersecurity is known to be an issue, including the recent winter Olympics in Seoul.
To protect data, use a ‘burner’
Companies in the private sector also consider World Cup attendees a potential target for Russian cyber criminals. Ahead of the event, U.K.-based healthcare and risk-management firm Healix International issued a report outlining some of the cybercrime risks of those visiting Russia for the event.
“We do believe there is a credible risk of different forms of cybercrime to foreign travelers in Russia during the World Cup,” Marnix van Gelderen, regional security coordinator for Europe and CIS told Security Ledger Wednesday.
Van Gelderen said foreign travelers are especially at risk if the software on their electronic device is not up-to-date and if they connect to unsecured WiFi networks.
“This would leave them vulnerable to phishing and ransomware attacks and to being targeted by disruptive malware, which could result in the loss of sensitive data,” van Gelderen said. “These risks are especially relevant to individuals accessing online services with personal data, such as Internet banking services.”
To avoid data theft or other unfortunate occurrences due to cyberscrime, the firm advised travelers to back up all sensitive and essential content before their trip and only travel with electronic devices containing data that’s absolutely necessary. That data also should be backed up to an encrypted external hard drive.
Even better than taking their own device, van Gelderen said the firm recommends that people use what are colloquially known as “burners,” or pay-as-you-go mobile phones, to reduce the risk of being targeted by cyber criminals.
“Moroever, [people] should exercise heightened caution when checking emails and should not respond to or click on links embedded in unexpected e-mails, particularly e-mails relating to the World Cup, in order to mitigate the risk of phishing attacks,” he added.