It’s 2014, and that means that it’s an Olympic year. This year the Winter Olympics are being held in Sochi, Russia. As with almost every other Olympics there has been a number of organizational issues to deal with to ensure the Games run smoothly. Unlike other events however, one of this year’s big issues is hacking of the computers and phones of attendees and visitors.
Hacking at the Winter Olympics 2014
Well before the Olympics even started in Russia, the Russian government said that they will be surveilling phone and computer communications. Many scoffed at this, writing off the government as being overly ambitious and boasting about a nearly impossible task. The thing is, the Internet in Russia may not be as secure as many believe, being full of hackers. At least according to a report aired on NBC shortly before the games started.
Update on the report:
After the report was filed, many security experts were suspicious of it, largely because most devices simply aren’t hacked as they are shown to be in the report. We have updated the section below, in italics, with more information on what actually went on in the report.
In the report, reporter Richard Engel took new, never opened laptops and mobile devices to Russia and used them. He found that within 24 hours all of the devices had been hacked, exposing the data stored within. What they didn’t say in the report was how the devices were hacked. It turns out that fake Sochi websites were visited, websites containing malicious software that was then downloaded. How the report was actually made is covered in this document written by the security expert.
In part of the segment, Engel and a security expert go to a local coffee shop in Moscow and search for Sochi on a mobile device. Almost immediately the device is hacked and malicious software downloaded. Engel notes that the hackers have access to data on the phone along with the ability to record phone calls. While the report shows a piece of malicious software downloading to the phone, it doesn’t show where it came from. As we stated above, it was noted in the report by the security expert that sites were visited and one asked them to download and install an app on their phone. This app was a piece of malware that soon infected the phone.
In a follow-up segment, Engel explains a bit more about the laptop issues. When he boots one up and connects to the Internet, hackers are almost immediately snooping around the information, transferring from the machine to the networks. Within a couple of hours, he received a personalized email from a hacker welcoming him to Russia and providing him with some links to interesting websites. Clicking on the link allowed the hackers to access his machine. From the report filed by the security expert, it appears that the same email address was used for the phone and on the laptops. The hackers likely for the information from the phone.
One issue is that it hasn’t been stated in any reports whether the Russian government is behind this, or if it’s hackers out to steal information. While you can be sure that the Russians are monitoring communication, like any country would be, during the Winter Olympics, they are not the ones installing malware on phones. This is being done by either organized crime rings or individual hackers.
I’m not at Sochi so why do I care?
As a business owner half the world away you may be wondering why stories like this, regardless of how true they are, are important to you, or why you should care. Take a look at any tech-oriented blog or news channel and you will quickly see that the number of attacks on devices, including malware, phishing, spam, etc. is on the rise. It’s now likely a matter of when you will be hacked, not if.
Combine this with the fact that many businesses are going global, or doing business with other companies at a big distance. This has caused many people to go mobile and the tools that have allowed this are laptops and smart devices. Because so many people are now working on a laptop, phone or tablet, these devices have become big targets. The main reason for this is that many people simply don’t take the same safety precautions they take while on the office or even the home computer.
Hackers know this, so logically they have started going after the easier targets. The news reports concerning Russia highlight this issue and is a warning business owners around the world should be aware of, especially if they are going to be traveling with computers or phones that have sensitive information stored within.
That being said, there are a number of tips you can employ to ensure your data is secure when you go mobile. Here are seven:
1. Use cloud services wherever possible
Cloud storage services can be incredibly helpful when traveling. They often require a password to access and are usually more secure than most personal and even some business devices. If you are traveling to an area where you are unsure of the security of the Internet or your devices, you could put your most important data in a trusted cloud storage solution.
This is also a good idea because if your device gets stolen, the data is in the cloud and is recoverable. If you have data just stored locally on your hard drive, and your device is stolen, there is a good chance it’s gone forever. For enhanced security, be sure to use a different password for every service.
2. Back up your data before leaving
Speaking of losing data, it is advisable to do a full system backup of all the devices you are taking with you before you leave. This will ensure that if something does happen while you are away, you have a backup of recent data that is recoverable.
3. Secure and update all of your devices
One of the best ways to ensure that your data is secure is to update all of your devices. This means ensuring that the operating systems are up-to-date and any security updates are also installed.
Also, ensure that the programs installed on the devices are updated. This includes the apps on your phone, including the ones that you don’t use.
You should also secure your devices by not only having an antivirus and malware scanner but also requiring a password to access your device.
4. Watch where you connect
These days Internet connections are almost everywhere. In many public spaces like airports, coffee shops, restaurants, etc. many of the connections are open, or free to connect to, and don’t require a password.
While this may seem great, hackers are known to watch these networks and even hack them, gaining access to every bit of information that goes in and out of the network. When you are traveling, try avoiding connecting to these networks if you can. If you really have to, then be sure not to download anything or log into any accounts that hold private data.
5. Know the risks of where you are going
Before you leave, do a quick search for known Internet security issues in the area you will be visiting. If you find any news or posts about threats you can then take the appropriate steps to secure your system ahead of time.
6. If in doubt, leave it at home
In the NBC report, Engle finishes by telling viewers that if they are at all unsure about the security of their devices, or are worried about their data, they should leave the device at home, or delete the data before going. This is a good piece of advice and maybe instead of deleting data completely, you could move it to a storage device like an external hard drive that you leave behind.
7. Watch what sites you visit
If you are visiting a foreign country, it may be easy to blunder onto fake websites or websites that contain malicious software. Our best piece of advice would be to watch what websites visit and what apps you download. If you are unsure of a website’s legitimacy, then don’t look at it or look for another site with the same information. Also, try to add https to the beginning of all major websites’s addresses in the URL bar. This ensures that the verified page loads and not a fake one. As to apps, only download apps from your device’s dedicated app store e.g., The App Store or iTunes for Apple products, Windows Phone Store for Windows Phones, and Google Play for Android devices.
If you are looking to learn more about ensuring the security of your devices while you are away from the office contact us today. We have solutions to help.