By: Jason Hart, VP and CTO for data protection, Gemalto
Next month Pyeongchang in South Korea is set to host “the most connected Olympic and Paralympic Games” to date, with millions of people bringing connected devices to the city. Not to mention the first “5G technology village” in a secluded town within the region, which will give traveling fans the chance to experience next-gen innovations such drone experience services and holograms.
However, with mass events like the Winter Games there is always one eye on security, and while physical security is always on the agenda, the threat to foreign dignitaries and sports stars from cyber actors are now rightfully high on everyone’s radar too. But while official teams may be arriving with security professionals and advice on hand, there is still very real threat to traveling Winter Games-goers who may be unaware of looming dangers posed to them from opportunistic hackers online.
The biggest threat to Winter Games-goers
Whilst it might seem natural to slalom from free Wi-Fi to free Wi-Fi as you move about a new city, there are hidden dangers. And unfortunately, for budding travelers, the biggest mistake they can make when arriving in a new city is to automatically look for, and connect to, the first and nearest free Wi-Fi. Public or free Wi-Fi is low hanging fruit for hackers and a gateway to consumer devices, data, and personal information. What’s more, hackers can use trusted networks to spoof or create fake Wi-Fi for unsuspecting travelers to connect to.
If possible, only use Wi-Fi if its password protected and even then, remember to remain vigilant and cautious as you’re logging on to a network thousands of others could also be accessing. So, whether you’ve just touched down in the airport, are drinking a beer in a local pub or chilling in your hotel, it’s best to think twice before connecting.
A hotbed for hackers
It’s not just consumers that are targeted at these types of events either. Employees from sponsors and other participating companies heading to Pyeongchang are likely to be sought after for the valuable business information on their devices. This could be information about potential upcoming deals, the location of important individuals or details about events that could give someone an advantage.
What’s more, many different broadcasters from around the world will be descending on the Winter Games to show the events to billions of people across the globe, they are also insights of hackers, as they look to disrupt live streaming of the events that take place. If you work in this industry, to ensure no disruption occurs, every event will need to be encrypted as the stream travels and decrypted to be shown live. Any communication between multiple data centers will also need to be encrypted to ensure these high-value transmissions are protected.
Even organizations informing teams, news agencies and media sites with race times and winners from the events, are under threat. The accuracy of the information at these types of events is vital, but only if it is trusted. So, what if hackers got their hands on the drug test results of athletes and changed it from negative to positive? We’re already starting to see this happen with claims by the “Fancy Bears’ Hack Team” of widespread TUE approvals, missed anti-doping tests, after its attack on the International Luge Foundation. If this were to happen and the information released during the Games, the fallout could be huge.
Don’t be frozen out by hackers
In order to protect yourself whether you’re out there for work or pleasure, you need to follow the below tips:
1. Avoid free Wi-Fi networks, which don’t have the necessary precautions, where possible.
2. Don’t use Bluetooth, it’s an avenue that can be used to gain access to your mobile device.
3. Create a new email account just for the duration of your stay in Pyeongchang. Avoid sending any important messages, though.
4. Have a new digital identity on the internet for the duration of your stay, but don’t associate with identities that you use normally and ensure your “temporary identity” you’ve created is completely separate from your real identity and can’t be linked.
5. Activate the two-factor authentication services that sites like Facebook and Twitter have to offer. It enables that extra layer of security and ensures only you can access your accounts.
6. If you can, use a Virtual Private Network, which encrypts all your information so it can’t be accessed by an unauthorized person.
6. If you need to search for anything online, try to use a public device in your hotel or when near an event building. Don’t check into personal email accounts or bank accounts on these devices though!
7. Make sure your software, operating system, and security tools are all up to date. These feature the latest security protocols and will protect your devices from vulnerabilities.
8. Only use devices and infrastructure that employ the latest security techniques like encryption and two-factor authentication to protect the integrity of your data.