SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
A warning from Zscaler - don't drop your security baton this olympics
Mon, 1st Aug 2016
FYI, this story is more than a year old

With the Olympics on the horizon, a strong warning has been issued for organizations by Zscaler to refocus their security efforts.

Most critically, the company claims that organizations need to keep their exposure to phishing and malware attempts in mind.

The warning from Zscaler comes in wake of the real threat that cybercrimnals pose, as users find convenient ways to keep up with the latest sporting news.

According to ThreatLabZ research, at the last games 80% of “Olympic” web domains were scams or spam – pinpointing the need for increased vigilance this time round.

Michael Sutton, CISO at Zscaler, says that streamlined security that doesn't hinder productivity should be the singular focus for business leaders.

“Every Games, cybercriminals use spam and spoofed websites to trick users into clicking and downloading malicious files. This will be no different,” says Sutton. Zcaler says that in order to fight this threat, businesses should ensure enterprise readiness across three key areas – business productivity, cyber threat response and approved applications.

Sutton adds that in regards to business productivity, employees will find a workaround - even if all live coverage is blocked.

“The result is an increase in absences and employees that are vulnerable to social engineering, as they seek out websites or streams related to the Games. As such, organisations adopt a proactive security stance to appropriately provision bandwidth and monitor traffic," says Sutton.  At the Vancouver Games, Zscaler unveiled cybercriminals masquerading as legitimate websites and applications that uploaded malware and stole sensitive information.

The company claims that we can expect the same at Rio, as criminals use the major international event to exploit consumer passion.

“Falling for scams, consumers not only fail to gain tickets or other goods, they also expose personal information, placing them at risk of further fraud,” comments Sutton.

“Because cybercriminals will tap into our anticipation of the Games this year, businesses need to ensure they can identify and mitigate attacks from phishing campaign to exploit kits,” he says.

“We can no longer rely solely on URL filtering or the reputation of a site."