China is allegedly home to some of the nastiest malware and spam writers in the world, according to numerous security experts.
And Beijing, China's capital and second largest city is only months away from hosting the Olympic Games where it’s likely millions of people will descend with an abundance of information-rich mobile devices.
There is no doubt cybercriminals will use the Olympic Games as an opportunity to socially engineer millions of Internet users into divulging valuable information to eventually sell or trade on underground black markets. So how targeted and severe will the attacks be and how should visitors protect themselves?
Philip Routley, product marketing manager A/NZ at MessageLabs, said targeted attacks against individuals using mobile devices poses a risk at the Olympic Games.
He said, although specialised malware that targets mobile devices is much rarer than mainstream malware aimed at Windows, it is still targeted.
Routley’s concerns lie with business people and he warned they are likely victims.
“Business people visiting the games, in particular those representing sponsors, need to be particularly cautious. The attackers will know which organisations are sponsoring the Olympics and will no doubt begin tailoring targeted attacks at various individuals in those organisations.
"As a result all individuals, regardless of which organisation they represent, need to apply commonsense when using a BlackBerry or other mobile devices,”
he said.
Furthermore, Australians need to be aware of the information residing on
their devices and the risk the data may pose if it is lost or stolen, according
to Australia’s Computer Emergency Response Team, AusCERT.
“It is important to remember that portable devices can bring back threats to your home network,” said Paul Fahey, computer security analyst at AusCERT.
He added: “The security threat to portable devices is just as strong in Australia as it would be in China, it’s large events such as the Olympics where proximity becomes an issue, especially with portable devices with
wireless capabilities.”
Agreeing, Adam Biviano, premium services manager at Trend Micro, said connecting to free wireless hotspots is his biggest concern for guests visiting China during next month’s Olympic Games.
He warned that free hotspots are generally unencrypted and expose information on portable devices and advised that those considering using the Internet from a hotspot should use caution.
“Don’t use them to access services with confidential information and only store on them information you need for the time that you are away,” said Biviano.
“Also, ensure that the device itself is not stolen – with the release of the
next generation i-Phone, users of these devices need to pay close attention to
prevent theft,” he added.
Eliminating threats in-the-cloud is the only surefire way to ensure these
mobile devices can continue to be a benefit to the user, rather
than a hindrance, added MessageLabs’s Philip Routley.
My advice – keep the devices at home and enjoy the Games.
Tips to secure mobile devices• Think before you act.
• Is the sender of the email received known to you?
• Is the content of the email relevant to your organisation or your role within the organisation?
• Apply caution if the email has an attachment.
• Again apply caution if the content of the email is encouraging you to click on a URL link within the email, even if it is a trusted domain.
Source: Philip Routley, product marketing manager A/NZ at MessageLabs• You should always maintain up-todate anti-virus software, whether it be on your laptop, PDA or phone (includes BlackBerry, Nokia, HTC etc).
• Use the device’s firewall where applicable.
• If you are taking confidential information outside of the organisation or overseas, you should consider encrypting it.
• Turn off functions such as Bluetooth and Infrared when they are not needed, or at least make your devices hidden and password protected.
• Be cautious when connecting to untrusted networks. You should consider anything you do on these networks to be publicly accessible.
Source: Paul Fahey, computer security analyst, AusCERT