Cyberthreats have evolved with the emergence of new technology and trends including AI, Web3, and crypto. Major sporting events like the FIFA Worldcup also attract a lot of cyber criminals looking to profit from the excitement of fans.
In an exclusive interaction with The Hindu, Gagan Singh, Vice President, and Chief Operating Officer at McAfee, discussed changes in cyber threat landscape, business of cybersecurity, and attacks targeting major sporting events.
Edited excerpts:
How has the pandemic changed the cyberthreat landscape?
Gagan Singh: There is no denying that the pandemic accelerated the evolution of cyber threats. Cybercriminals took full advantage of the situation when we spent more time online and witnessed information overload related to COVID-19.
In 2020, McAfee Labs saw an average of 375 new threats per minute as cybercriminals exploited the pandemic through COVID-19-themed malicious apps, phishing campaigns, malware, and more.
The introduction and accessibility of AI tools have made launching new cyber threats easier than ever, compounding some of the challenges around the volume and sophistication of threats we see today.
The fluctuating popularity of cryptocurrency and the emergence of Web3, which is being touted as the next version of the internet, also leave people vulnerable to potential cyber threats.
All of these have set the stage for 2023 that promises advancement not only in how we interact with technology but also in how attackers can exploit it.
(For insights on emerging themes at the intersection of technology, business and policy, subscribe to our tech newsletter Today’s Cache.)
How has the business of cybersecurity changed over the years? Is it more of a consulting role now?
GS: The boundaries between physical and digital life have converged at a great pace.
The basic concepts of cybercrime have not changed but the sophistication, speed of evolution, and volume have, and it’s our job to remain ahead of the cybercriminals with holistic protection.
It is no longer enough to just have antivirus on our tablet or phone. We need to think about privacy and identity and how we are protecting critical information. This takes a more thoughtful approach to secure and protect all our data so that we can live our online life with confidence.
How do you see cyberattacks evolving in the future? Which are the devices and areas that will be most prone to future cyberattacks and why?
GS: The rise of mobile usage, and the personal data that our phones carry, has made them a key target for threats.
Cybercriminals are using increasingly sophisticated and personalised mobile attacks to trick users into giving up their personal information or con them into giving their money.
Criminals are using a wide range of techniques like text message scams, sending malware to mobile devices via text, gaming hacks, and app scams.
Another area that is prone to cyberattacks is crypto mining. Some malicious apps and webpages target mobile devices to hijack the device’s processor for “mining” or creating new coins for criminals. This new attack uses a fake app that promises to mine cryptocurrency for the app user for a small fee. But ultimately, it steals the user’s money.
Do you think with the advent of 5G, networks and devices (IoT and others) are more prone to cyberattacks? How?
GS: 5G networks provide greater speed to handheld devices delivering more data with lower latency.
The promise of more connectivity, smoother IoT user experience, and more devices online creates more opportunities and avenues for cyberattacks.
Denial-of-service attacks, or DDoS, are a cause of concern when it comes to cybersecurity.
Devices like refrigerators, thermometers, and even light bulbs, will be able to come online because of 5G. Users can remotely check these appliances through a simple app, but these devices can also be usurped by malicious characters.
So ultimately, while 5G brings significant benefits and an enhanced experience for IoT devices, it also increases the threat landscape and is a hotbed for new cybercriminal activities, making holistic security and protection critical.
Can you talk about some of the major cyberattacks witnessed during past sporting events including the FIFA World Cup? What was their impact?
GS: Criminals have always been attracted to large sporting events. Bets totaling €136 billion were placed worldwide during the 2018 World Cup. This high volume of legitimate gambling brings with it a spike in deceptive activities.
Online betting scams often start when users are directed to or search for official gambling sites and end up on a fraudulent one. After placing their bets and winning, users realise that they may have “won” money but are unable to withdraw it.
Sometimes users are even tricked into depositing more money to avail the winning amount but even then, they are denied it.
Sporting event officials have also been the target of cyberattacks earlier. In 2020, the Tokyo Olympics organising committee fell victim to a data breach that exposed officials’ personal information. Other reports also highlighted the risk of phishing campaigns and other cyber scams targeting audiences.
What kind of cyberattacks do you think can target viewers and fans watching the ongoing FIFA world cup?
GS: Attracting fraudsters and cybercriminals who want to profit from the excitement of fans is common when an event is this popular and well-attended.
Some of the key scams and opportunities for online threats that fans should watch out for during the mega event include phishing, ticket scams, and streaming.
When it comes to phishing, football fans should watch out for contests or offers that seem too good to be true. Cybercriminals are betting that excitement will cloud fans’ judgment. They can be lured to click on nefarious links that may download malware or steal personal information.
The World Cup is a prime target for fake ticket scams, with fans willing to pay thousands of dollars to see their teams compete. Most people must be having their tickets by now, even for the final stages of the tournament, but if planning a last-minute trip, users should be cautious of this scam and use a legitimate, reputable ticket broker.
Fans must ensure that they are using a legitimate streaming service If they are watching the tournament online.
Illegal streaming sites usually contain deceptive ads and malware, which can harm users’ devices. A quick internet search of “FIFA World Cup 2022 Official Streaming” along with your country should get you the required information to safely watch the event through official channels.
COMMents
SHARE