How hackers steal personal data from Rio Olympics visitors - Action News
Home WebMail Tuesday, November 26, 2024, 08:48 PM | Calgary | -7.7°C | Regions Advertise Login | Our platform is in maintenance mode. Some URLs may not be available. |
Science

How hackers steal personal data from Rio Olympics visitors

According to cybersecurity researchers, Rio is home to a large number of malicious Wi-Fi hotspots designed to steal personal information from travellers. CBC technology columnist Dan Misener offers advice to travellers on how to stay cybersafe.

Researchers say there have been 'security incidents' on Wi-Fi networks in and around Rio

Connecting to a Wi-Fi network in Rio? Security researchers say you should think twice. (AP/David Goldman)

Rio de Janeiro is hosting more than the Olympics this summer.

According tocybersecurityresearchers, Rio is also hosting a large number of malicious Wi-Fi hotspotsdesigned to steal personal information from travellers.

Security firmSkycurerecently identifieda number of "security incidents" taking place on Wi-Fi networks in and around Rio.

Security experts say that travellers should approach open Wi-Fi networks with caution. (Keith Bedford/Reuters)

These include wireless hotspots at the airport, on public transit, and at shopping malls, coffee shops and hotels.In other words, they're showing up in places where travellers might ordinarily expect to connect to free Wi-Fi.

Skycure says it's relatively inexpensive for hackers to set up a malicious hotspotor to spoof an existing signal.Hackers seem to be capitalizing on all the tourists in Rio right now, and this issue is particularly problematicbecause travellers often rely on free Wi-Fi connections to avoid expensive data roaming.

The risk of open Wi-Finetworks

Hackers aresetting upfake networks for one simple reason: to steal your personal data and sell it.

"They're after all the data they can get their hands on," said Skycure'sVarun Kohli, "it can be your financial information, it can be your credit card information, it can be your healthcare records.A healthcare record sells on the black market for ten times the price of a financial record if they can get their hands on this data, they can make easy money from it."

Some of the suspicious Wi-Fi networks around Rio de Janeiro (Skycure)

Some of these malicious networks are set up to decrypt your encrypted communications. So even if it appears that you're on a secure website, you might not be.

Counterfeit apps

Malicious Wi-Fi is just one attack vector Olympic fansshould also be keeping an eye on theirsmartphone apps.

For instance, there's an Android app called Rio 2016 it'sthe official app for the games, itshows up in the Google Play store, and it includes a bunch of features for people who are physically in Rio: spectator guides, event informationand maps ofthe city.

Butsecurity researchers have found copies of the Rio 2016 app that have been repackaged with malware. They show up as look-alike or copycat apps in third-party app stores, with slightly different titles, like Olympics Rio 2016and Rio 2016 Olympics.They look legit, but they're not.

Beware counterfeit apps masquerading as the real thing. (Skycure)

Again, the hackers behind these apps are opportunistic. They're taking advantage of the huge amount of attention and interest in the Olympics right nowand using it to their advantage.

How to keep your data safe

According to Varun Kohli, there are a few basic waysto keep your data safewhile travelling abroad.

"Do not connect to free Wi-Fi networks. If you have to, do not do any sensitive business don't be checking your bank account statement when you're on a free Wi-Fi network you've never been on before."

Before you hit the road, it's also a good idea to check out Skycure'smap of security threats. When you type in a city, it shows you hotspots where suspicious activity has been reported.

Kohlialso recommends peopleonly download apps from stores like Google Play and iTunes and make sure their phones are up to date.

And remember: if your Wi-Fi network seemssuspicious, don't connect. It's better to be safe than sorry.