The Winter Olympics have arrived in Pyeonchang, South Korea. If you managed to score tickets to the games, that can only mean one thing: It’s time to gird your personal data.
In the months leading to the Olympics, hackers targeted Olympic organizers in apparent retaliation for the doping ban against Russia. And organizers admitted that they were investigating cyberattacks that this weekend prevented Olympics attendees from printing tickets or using the games’ Wi-Fi. Display monitors shut down too.
Security researchers in Cisco Systems’ Talos division blame new malware they call Olympic Destroyer, which seeks to damage Olympics computer systems.
But don’t think that hackers seeking revenge on the Olympics or any other event worth traveling to can’t hurt the general consumer. Like the computer worms of the 1980s and 1990s, the NotPetya attack last year is an example of a modern cyberattack spreading far beyond its initial victims.
While no computer security advice is 100 percent effective, you can reduce your risks when traveling to the Olympics or any other major public event.
Before you take off, check with the U.S. Computer Emergency Readiness Team (U.S. CERT) for any warnings about the event. Also heed its common-sense advice, including:
- Switch off Wi-Fi and Bluetooth connections when not in use.
- Use a credit card to pay for online goods and services.
- When using a public or unsecured Wi-Fi connection, avoid using sites and applications that require personal information like log-ins. If you must use unsecured Wi-Fi, use a VPN first.
- Update your mobile apps before you arrive at the event.
- Use strong PINs and passwords.
In the heat of an exhilarating victory or crushing defeat, of course, common sense often goes out the window. Don’t let yourself get so carried away with excitement that you forget that the bad guys are just waiting for you to slip up. Below are four tips I would add to U.S. CERT’s advice.
When in Pyeonchang (or anywhere, really), beware of public Wi-Fi networks. If you must connect to one, ensure that you first boot up a virtual private network. A good VPN client is inexpensive and easy to install.
Alternatively, you could turn to your cellular connection. Although data networks are not impervious to hackers, 4G connections are also safer than public Wi-Fi. It’s tempting to avoid racking up big-data charges by connecting to free Wi-Fi, but if you consider the potential cost of having your personal data compromised, those data charges might actually be a bargain.
Use your credit card—and only one card—for purchases while overseas. And resist the urge to use your debit card to retrieve some quick cash at an ATM, which could have an attached card skimmer, or be closely watched by someone in the crowd.
When you get back home, immediately call your credit card company to request a replacement card. Say you were at the Olympics and want to minimize the damage, in case your credit card number was stolen. Your card issuer will thank you for it.
If you’re halfway around the world, do you really want others to know that your house might be unattended? They will, if you post photos and updates from the Olympic venue on social media.
Wait until you get home to post your photos. Be extra vigilant about emails, especially those that might point you to tempting sites for discounted event tickets, or offer “exclusive” information about scores or athletes. And don’t click on links or downloads, even from people who appear to be someone you know, as they could be an adversary trying to trick you. Stick to text communication only in your emails.
Going for the gold
As with all unfamiliar and highly charged situations, amid huge crowds, the bad guys are counting on you to let down your guard. These types of mega sporting events are hunting grounds for criminals of all stripes, and they are in it for the win. Just as you would be vigilant about in-person scams in a foreign land, where you aren’t accustomed to the language or customs, stay vigilant about cyberthreats. Don’t let an adversary capture your gold.