Security firm says cyber threat activity in Brazil needs attention
With the Rio Olympics now officially underway, security has been taking center stage at many different levels -- from terror threats to concerns around the rapidly spreading Zika virus. But one leader in IT security recently warned about overlooking another viable threat: cyber security.
Network and content security firm Fortinet published detailed research warning that cyber threat activity in Brazil -- in association with the Rio Olympics -- is in need of special attention in the coming weeks. The formal run of the Olympic Games in Rio is August 5 - 21, 2016.
Fortinet saw indicators of repeat cyber attack techniques -- domain lookalikes for payment fraud and malicious websites or URLs targeting event and government officials -- ahead of the start of the Games on Friday. Additionally, the firm said to be on the lookout for additional attacks, most notably advanced threat techniques on data, as the total volume of attacks should be high throughout the Summer Games.
"The expanding attack surface enabled by technology innovation, new IoT devices, regulatory pressures, and a global shortage of cybersecurity talent continue to drive cyber threats. All of these elements combined with global political events add more complexity to the situation and complexity is the enemy of security. Simply deploying security point solutions end-to-end is not enough. Organizations need to adopt a Security Fabric that will enable direct communication between solutions for a unified and rapid response to advanced threats." -- Ladi Adefala, Senior Security Strategist, Fortinet
One sophisticated type of attack that the security firm brought to attention is that of "behavior blending." Entering the Rio Games, this type of advanced cyber attack was appearing with increasing frequency.
With behavior blending, attackers gain access to a network, generally through illicitly acquiring credentials, and then take on "normal" behavior for a set period of time to avoid detection from mostly automated security tools. This method allows attackers to thwart detection and then put forth the a more serious attack at a later time.
Phishing attacks -- fraud that occurs when an attacker poses as a legitimate company -- were also on the rise entering the Rio Olympics, with Fortinet reporting a 76 percent increase in the global volume of phishing activity from April to June 2016. And Brazil’s percentage increase in phishing was higher than the global percentage increase.
Brazil also saw a marked increase in malicious URL attacks in June. The country experienced an 83 percent increase in this type of attack, compared to the 16 percent increase seen across the rest of the globe.