Sochi visitors Hacked in few minutes to prevent attacks

Pierluigi Paganini February 07, 2014

According to NBC News, Olympics attendees are being hacked just the arrive in Sochi,  the reporter Richard Engel demonstrated it conducting an experiment.

Sochi Olympics are starting, but Intelligence agencies of all participating governments fear the possibility of an terrorist attack or a cyber attack. The event is a great occasion for hackers, hacktivists and cyber criminals which could benefit of the attention of the media to run clamorous cyber attacks.

As we have read in newspapers, the security countermeasures are high, but according security experts many infrastructures in Sochi are still unfinished, an ideal condition for an attacker that  intends to exploit a hole in the overall security.

sochi winter-olympics-2014-main-image

According to NBC News, unprepared Olympics attendees are being hacked just the arrive in Sochi,  the NBC reporter Richard Engel demonstrated it conducting an experiment with the support of a cyber security expert. They configured two computers to verify see just how quickly he’d be attacked when accessing onto Russian networks.

The discovery was predictable, when the reporter and his collaborator went to a cafe accessing to the network, they were immediately attacked.

before we even finished our coffee” the bad actors had hit, downloading malware and “stealing my information and giving hackers the option to tap or even record my phone calls.” “less than 1 minute [for hackers] to pounce, and in less than 24 hours, they had broken into both of my computers.” Engel said.

As explained the journalist it was enough to go online to be a victim of the attack.

Engel remarked that Kaspersky Lab is in charge to support the Sochi Olympic Committee for providing computer security,  athletes and other visitors to Sochi are “entering a minefield the instant they log on to the Internet.”, as confirmed by a Kaspersky representative everyone is subject to attack.

Every single bit transmitted in via phone and Internet, is analyzed by the Russian System for Operational-Investigative Activities, according to the U.S. State Department’s Overseas Security Advisory Council that has warned American travelers. As explained in the document Russian Intelligence is using a system, known as SORM to access to communications in the country.

“OSAC constituents traveling to Sochi should be aware that the Russian System for Operational-­-Investigative Activities (SORM) lawfully enables authorities to monitor, record, analyze, and retain all data that traverses Russian networks. Through SORM technologies, Russian authorities have access to any information transmitted via telephone and Internet networks, including all emails, telephone calls, Internet browsing sessions, text messages, and fax transmissions. By Russian law, all telecommunications companies and Internet Service Providers (ISPs) are required to install SORM devices on their networks. These devices allow for remote access and transmission of information to Russian Federal Security Service (FSB) offices. Telecommunications providers are denied access to the surveillance devices and, therefore, have no knowledge of any accessed or intercepted communications.
Although the FSB technically requires a court order to intercept communications, there is no requirement to show it to anyone outside the agency.  SORM is enabled throughout Russia and is undergoing technological upgrades and modernization.  Since 2010, particular attention has been paid to Sochi in preparation for the Olympics. The system in Sochi is capable of capturing telephone (including mobile phone) communications; intercepting Internet (including wireless/Wi-Fi) traffic; and collecting and storing all user information and data (including actual recordings and locations). Deep packet inspection will allow Russian authorities to track users by filtering data for the use of particular words or phrases mentioned in emails, web chats, and on social media.”

Travellers are informed.

(Security Affairs –  Sochi Olympic, cybersecurity)

you might also like

leave a comment