Football fans know the 2014 football World Cup kicks off on Thursday 12 June in Brazil and will be supporting their national or favourite team in the competition – so what does this mean for corporate security?
Well, for football fans, it means the chance to gather around the proverbial water cooler and discuss the competition. As part of supporting their team, some may be bending a few acceptable use policies and surfing the internet from work for news and updates. There will also be email sent, received and forwarded about the competition.
The danger comes from cyber criminals leveraging consumer interest in any cultural, social or sensational event. They will attempt to entice those fans to websites where drive-by downloads are rigged with malware – malicious code capable of stealing passwords and personal information, or recruiting the machine into a botnet.
According to a McAfee report, using the McAfee Site Advisor site ratings to determine which sites are risky to search when coupled with footballer names, it is possible to calculate an overall risk percentage, or ‘red card’ rank.
Portugal’s Cristiano Ronaldo just barely edges out Argentina’s Lionel Messi as the world’s riskiest football player to search for online according to these rankings.
The football World Cup and GameoverZeus are some of the possible subjects that will be used over the next few weeks to target users.
User awareness training, patch and update programmes are some of the countermeasures that organisations should be deploying to protect their asses, and what works for organisations will work for individuals.
User awareness should cover being aware of downloading content rather than watching free streaming downloads – like most things, something that seems to be too good to be true often has a cost. Use of official sites and being wary of supplying credentials unexpectedly are all good points to keep in mind.