Several teams at the ongoing FIFA World Cup 2018 have enforced stiff guidelines to shield their players from hacks and to avoid embarrassing images surfacing in the home of ‘kompromat’.
In the past, teams participating in FIFA’s flagship event went to great lengths just to keep the paparazzi at bay, the stars of Russia 2018 have a more high-tech solution to guard their privacy.
The Australian football federation is one of the association to use its own mobile internet connection in Russia, just to prevent any mishaps and to make it harder to access information contained on the devices of the players and staffs.
The Socceroos are strictly prohibited from joining any unprotected Wifi networks and must connect via one of the team’s own VPN-fitted 4G mobile routers.
“The players have been told just to be smart about while they are here, i.e not logging on to public Wifis,” Australian Team official Adam Mark told one of the leading press agencies.
“Cybersecurity is something that we are concerned about,” said Croatia team official Tomislav Pacak.
“Concerning security in general, we don’t share anything with any media or the public other than what is said during press conferences.”
The eagerness to avoid hacks at this World Cup is so high that some teams even sought advice from their national security services before leaving Russia.
England were briefed by Britain’s GCHQ intelligence service and players’ smartphones and other connected devices have been fitted with special encryption software for the tournament.
Guillaume Poupard, the head of France’s information security agency Anssi, told a leading press agency his organisation had advised the national team on online safety while in Russia.
“It was rather general advice, a bit like what we tell people travelling for business... pay attention to where you connect, don’t take all your personal data with you,” Poupard said.
While all of this sounds like a good advice in a place where high-profile millionaires such as footballers ply their trade, it is not just the players that may be at risk in Russia, famous for the practice of ‘kompromat’ – gathering compromising personal material for wicked means.
Russian hacking group Fancy Bear, for example, published emails of the International Olympic Committee in 2014 after Russia was banned from competing in this year’s Pyeongchang Winter Olympics for its doping programme.
Such an attack on tournament organisers FIFA, for example, “would have a significant impact on its image”, according to Chris Hodson, of cybersecurity firm Zscaler.
Yet the most common targets of online hacks and scams remain members of the general public, and Anssi has launched an awareness campaign to coincide with sport’s biggest event.
Cybersecurity firm Checkpoint last week uncovered a phishing campaign, whereby users are tricked into handing over their personal details via fraudulent emails, camouflaged as a World Cup matches wall chart.
“With so much anticipation and hype around the World Cup, cybercriminals are banking on employees being less vigilant in opening unsolicited emails and attachments,” said Checkpoint’s Maya Horowitz.
“As such, it is critical that organisations take steps to remind their employees of security best practices to help prevent these attacks being successful.”
Internet users have been advised to be wary of streaming matches on pirate feeds that may contain malware, and to avoid unofficial ticketing sites.
For Nicola Caproni, consultant at web security firm Sekoia, internet users need to be vigilant but not obsessive over their data during the tournament in Russia.
“Don’t take business data with you, don’t leave your telephone or computer at the hotel, be careful with your devices, don’t just connect to any Wifi hotspot, and use a VPN.”
(With inputs from agencies)