The Olympic Games are coming to London this summer, and there's plenty of talk in the British newspapers about the chances that hacktivists, mischief-makers and or even terrorists might try to make a high profile attack against the event's computer systems.
Clearly, there may be some who might be tempted to launch denial-of-service attacks against Olympic-related websites to gain some notoriety or headline inches, and there may even be identity thieves and malware authors who attempt to hack their way into Olympic servers to steal information or plant malicious code.
And don't discount the chances of attack. It was reported that the 2008 Beijing Olympics were on the receiving end of 12 million online attacks per day.
Hopefully, the "war games" simulations run by the Olympics' Technology Operations Centre (TOC) located in London's Canary Wharf, will have put both systems and staff on a good footing to repel any attacks.
But what they can't do very much about are the attacks which take place away from the official Olympics systems. It's not difficult for anyone to create a website which might claim to offer much-prized tickets to the top Olympic events (but actually steal your credit card details), to poison search results with links to malicious Olympic-related webpages, or to spam out emails which may pretend to be official Olympic-related communications.
For instance, see this email I just received claiming that I have been awarded £950,000 in a lottery.
It claimed to come from "2012 Olympic games promo" and had a subject of "2012 Olympic games,Please view the attached for details"
The attached PDF file says in part:
"We will like to inform you that your e-mail address has won the sum of £950.000.00 from monthly British National Lottery Promotion held this March 13th 2012. Your e-mail address was chosen from this promotion as one of the lucky e-mail address through our computer ballot system in British national lottery."
Things which should set the alarms bells ringing in your head:
- They give you an 070 telephone number to ring. The thing is, it might look like a UK mobile phone number, but in fact 070 numbers are "follow me" or "personal numbers" that can be redirected anywhere, and can cost around 50 pence per minute.
- They list your winning lottery numbers. But do you remember entering any lottery with those numbers?
- They want you to hand over your personal information - such as your full name, address, nationality, contact details, etc.
- Worst of all - they want you to send this information.. to a Hotmail address!
Take care folks. The security team working for the Olympics will work hard to keep its systems up-and-running and, hopefully, avoid a serious attack. But only you can ultimately take care of your home computer and your personal finances and information.Follow @NakedSecurity