Whilst the world’s best clubs are finishing their very last minute preparations to clash with the arch rivals on the green soccer fields of the FIFA World Cup, another deadly war is strong in cyber space between cyber criminals and information security experts.
Brazil, the host of the FIFA World Cup 2014 is also home to the most notorious and deadly gangs of hackers. “With a population of roughly 201 million in 2013, Brazil is the world’s fifth most populous country and has one of the largest cyber bad guys communities, ” reports Business World. Not surprisingly, hackers are sharpening their arsenal to attack World Cup-related websites and thousands of users who will use those websites during the tournament. fifa 17 hack tool
A May 30 report by Reuters quoting a hacker who “operates under the alias of Che Commodore” from Sao Paulo, Brazil, said, “The hacker group Anonymous is organizing a cyber-attack on corporate sponsors of the Globe Cup in Brazil to protest the lavish spending on the soccer online games in a country having difficulties to provide basic services. ”
The report cited this hacker as saying in a Skype discussion from an undisclosed location in Brazil, “We have already conducted late-night checks to see which of the sites are more susceptible. We have a plan of attack. ”
Typically the Reuters report further said that the hacker had mentioned World Cup benefactors including Adidas, Emirates airline, the Cola Co and Budweiser, which is owned by Anheuser-Busch InBev as potential targets.
Distributed Denial of Service or DDOS is defined as a form of Denial of Service (DoS) attack where multiple jeopardized systems — which are usually infected with a Trojan — are employed to target just one system. Patients of a DDoS strike consist of both the conclusion targeted system and all systems maliciously used and managed by the hacker in the distributed attack.
Inside a DDoS assault, the victim faces a traffic onslaught simultaneously from multiple sources, which could run into hundreds of thousands of points of origin. This makes it nearly impossible for the security systems to obstruct IPs as you are not able to filter legitimate traffic inflow from predator traffic and thus, the host machines get jammed.
The well known hacker group Anonymous had within the last week of May 2014, attacked the Brazil’s Foreign Ministry computer systems and leaked dozens of confidential emails. The Reuters report further said, a hacker known as Anon Manifest used a scam attack to breach the Foreign Ministry’s databases that forced over 3, 000 of account users to change their passwords.
These kinds of lethal phishing attacks have again brought to the fore the vulnerability of confidential and classified information databases. Although hackers are labeling these threatened attacks on World Cup websites as a “protest” against the monumental expenditures received in hosting the tournament, hacking or phishing is undoubtedly an intensely harmful violation of personal and critical information of thousands and thousands of users.
Banks, e-pay systems and e-auctions and basically sites that store personal data which provides entry to money are major targets for phishers. You may receive an innocent message or notifications from banks, providers, e-pay systems and other organizations inquiring you to urgently get into or update your personal data for some reason or the other such as loss of data, rewarding offers, system requirements, and so on. These fake notifications typically entice the user click on a “click here to update your account” link adopted by thinly cloaked threats such as “else your account will be blocked”. The moment the customer unsuspectingly reaches the phishing site, the industry thinly concealed copy of some credible organization, the phishers get access to the user’s email account or bank details and have their modus operandi laid out plainly to suck out the money within no time by selling the crucial data to other scammers.
Things you must remember when you get such potentially malicious notices:
one Phishing URLs often closely resemble the genuine URL of the best company. Before clicking on such link, check whether the link in the browser command line is in fact different from those of the legitimate site.
second . The url can be a combo of some words prefixed to a genuine looking website address or a mix of dots instead of the legitimate slashes. Do not click on any such link.
3. Banks or financial institutions never send types embedded in emails which ask you to fill up up your personal data within the email body itself. Be cautious never to heed to such requests.
With hackers growing in strength, choosing strong password is no more enough as security steps. One of the most reliable security system currently is Multiple Element Authentication. Just about all security breaches’ victims including Microsoft, Facebook, Twitter, Adobe and others have recommended two factor authentication (2FA).
2FA is a based on something the user knows (username and password) and something he physically possesses including mobile token, hard symbol, soft token or UNIVERSAL SERIES BUS token.
Other effective technology such together click authentication, PKI USB tokens no-network two factor authentication have also been introduced in India recently.
Tarun Wig is a Technology Evangelist. He is part of the core team of Authshield Labs and has been actively involved in research on information security weaknesses. His expertise lies in innovating latest technologies to protect users and organizations from hacking attacks. Apart from consulting multiple organizations, he is also the participant in Indian Infosec Consortium, the largest group of security professionals in Indian.