WORLD CUP: ALL THE WAYS FOOTBALLERS AND FANS CAN BE HACKED
VISITORS to the 2018 World Cup in Russia will be eager to enjoy the football and soak up the culture. But safety concerns are lurking in the background of this tournament. Whether it is the threat of racial abuse, football hooliganism, or falling victim to fraud, many football fans have good reason to be wary. But alongside these traditional threats, travelling fans and players also need to be vigilant of cyber crime.
The 2018 World Cup presents a number of opportunities for criminals. There will be those looking to take advantage of the festival atmosphere by stealing money, devices or data from travelling supporters and footballers. With the amount of money stolen through cyber crime expected to double from $3 trillion (about R39.5 trillion) in 2015 to $6 trillion by 2021, the threat is very real. Here are all the ways visiting fans and footballers could fall victim to a cyber attack.
Wi-fi
To avoid purchasing expensive dataroaming packages, many fans will rely solely on free wi-fi at their hotel, coffee shops and restaurants. Supporters eager to refresh scores of important matches, check their bank account, or download maps to the local stadium might need to think twice before using public wi-fi. The lax security controls on public wi-fi makes it easy for hackers to steal your information while browsing. Taking control of the network, hackers have the ability to see the information sent between the device and the destination. So, if you use passwords or send sensitive information, hackers could steal that data. The ease of setting up public hotspots from phones or other devices means that hackers can have more invasive access without using existing wi-fi hubs.
Websites
Some fans will travel to Russia without tickets, either to enjoy the atmosphere surrounding the World Cup or with the hope of obtaining tickets while there. Supporters should be wary in the latter case.
Although the public have become more cautious of ticket touts and potential fake sellers, there is still a thriving market online for reselling genuine and fake tickets.
This is perpetuated by an increase in the number of website domains registered under the guise of appearing official. Illicit sites that might be confused with official websites increase the risk and likelihood that some visiting fans might be duped into providing personal and financial information in exchange for tickets.
As supporters update their phones with the latest World Cup apps, data collection remains a significant worry.
With seven out of 10 smartphone apps sharing data with third-party services, it is therefore paramount that fans are careful about the type of information they share on these apps. Fake apps promising the best coverage or ticket deals pose serious threats to personal information stored on devices. Apps that require personal information or more permissions than normal have the potential to steal information.
Devices
Smartphones, tablets, watches and other devices form an important part of the experience of football. Supporters can check scores, view team line-ups and share their own thoughts on a variety of platforms. A worrying concern is phonecloning software that allows the user to copy a phone and then gain the ability to intercept calls and texts. Phone-cloning technology has become far more readily available.
Players
The potential threats mentioned above apply to the squads themselves and the football associations as a whole. In fact, sports players and football associations have been the victims of cyber attacks before. Last year in the US, data from 1 200 American football players was stolen in a large cyber hack. The contingent of players, coaches and backroom staff present any number of cyber security challenges. No wonder England players will be briefed by Government Communications Headquarters regarding devices and general cyber security.
In summary, it’s good advice to avoid using public wi-fi where possible – and in cases where there are no options use it sparingly. Apps such as Whatsapp boast end-to-end encryption, but even that is no guarantee of safety.
Because fake ticket touts are infamous for their ingenuity when it comes to replicating the real thing, ensuring that your tickets come through licensed sources will limit chances of fraud. Using official apps and carefully selecting which links to click on should ensure safety from the majority of cyber threats. Supporters should also keep devices password-locked.
● Conor Deane-mckenna is a doctoral researcher in cyberwarfare, University of Birmingham