2014 Sochi Olympics
Earlier this week, NBC ran a report that suggested visitors to the Sochi Olympics were in danger of being hacked the second they stepped off the plane in Russia. New details about the piece, however, tell a different story.

In the original piece (below), Richard Engel, NBC's chief foreign correspondent, teamed with Kyle Wilhoit, a threat researcher with Trend Micro, to test how quickly devices could be compromised while in Russia. And indeed, the MacBook Air, Lenovo PC, and a Samsung Galaxy S4 smartphone were hacked almost immediately.

The segment suggested that there was something unique about Russia; that your devices were more at risk in the country than in the U.S. or elsewhere. But in a behind-the-scenes video posted online by NBC, we find that the real culprit is lax security. None of the devices powered up in Russia (the duo were in Moscow, not Sochi) were running anti-virus software, which is asking for trouble wherever you are. Meanwhile, the devices were infected only after Engel downloaded and opened malicious files on them.


Avoiding links and attachments from sketchy sources is computer security 101, though many people have fallen victim to the scheme. Just ask the social media managers for a number of high-profile news outlets who had their Twitter and Facebook accounts compromised by the Syrian Electronic Army (SEA) thanks to a similar tactic.

In a white paper discussing the NBC experiment, Trend Micro said anti-virus software was not installed on the machines "because we were supposed to be regular users in Russia for the Sochi Olympics and wanted to understand the threats attendees who do not take proper precautions faced."

The white paper breaks down how each device was compromised. On the Galaxy S4, Engel "visited a Sochi-Olympic-themed site and [was] redirected to another, which prompted us to download an app (avito.apk) that seemed to have relevant travel information."

The .APK file downloaded and a prompt asked Engel to hit Accept, which he did "because we believe that's what typical users would do," Trend Micro said. The download, however, "allowed the attacker to read the emails on [the phone], gain access to external media connected to it, collect contact data stored in it, record calls made on it, and perform several other tasks."

The hackers appear to have found Engel's (fake) email address via the Galaxy S4 hack, and they used it to send him a message with an attachment. Engel received the message on the Lenovo PC and opened the attachment.

"Opening the document sends a simple beacon to whatsappload.ru. Within a minute, the piece of malware opened a back door connected to the same site via port 443," Trend Micro said. "This allowed the attacker to gain access to the infected machine. He can even perform several malicious tasks such as stealing banking information or exfiltrating important documents."

The MacBook Air, meanwhile, was infected after browsing to a malware-infected website. Engel had to right-click and click "open" to run the malicious program, though.

"Had we not right-clicked and opened the file, Macintosh Gatekeeper running on OS X 10.8.5 would have caught and prevented the file from running," Trend Micro said. "Once executed, std.app also created a back door and communicated with the IP address, 146.185.128.92, for subsequent access."

In the end, "attacks occur worldwide every day in many countries [and] some do originate from Russia," Trend Micro concluded. "Attacks can occur while you are sitting in a coffee shop in Berlin, Tokyo, or Philadelphia but in this case, Richard was sitting in a Russian café so his Google search returned several local results."

Ultimately, journalists, athletes, and spectators in Sochi for the Olympic games should be on alert for Web scams just as they should be when at home. But the situation in Sochi is not as dire as NBC's original segment made it seem (when anchor Brian Williams said that "visitors to Russia can expect to be hacked"). Certainly, you can expect to be targeted by hackers (just as you might at home), but whether or not you are actually hacked is largely up to you. Just make sure you install security software, avoid unknown websites, and don't download sketchy attachments or click on strange links.