The Olympics display peak athletic achievements. But recent stuff we have seen in the Security Labs makes us think that it is also inspiring others to new heights, or in this case, lows.
As we suggested in our 2012 predictions, just as any big event or attraction also brings its negatives, we are starting to see hackers attracted to the 2012 Olympic Games.
And even though we’ve seen examples of things we’d expect, such as online ticket selling scams, I am more concerned about another challenge. You see, London is about to turn on Europe's biggest WiFi zone.
This network will cover central London and will be provided by mobile carrier O2. Timed to coincide with the 2012 Olympics in the city and the Diamond Jubilee, the area is likely to extend over Westminster, Kensington, and Chelsea.
Installation has apparently begun and should be up and running by March.
The danger I see is this: Imagine you have joined thousands that come from all over the world to this global stage; perhaps you would like tap into this free WiFi and connect. So you attempt to log on when you are presented with hotspots identifying themselves as:
- 2012 London Olympic Games
- Olympics O2 (free WiFi)
- Free Olympics WiFi
Ummm… OK. Where am I going to connect? Because, between you and me, one of those is legitimate, one is a private network, and two are rogue wireless access points that are set up to attract the unaware and to steal data and credentials from those on the system.
[By the way, airports have the same problem. I frequently see “Free Wi-Fi” signs, but they don’t tell you the safe SSID. Surfer beware.]
I’m not sure what the SSID will actually be, and that’s the point – most visitors won’t either. You couldn’t put up enough signs to eliminate mistakes. Then, if you hop on and aren’t using a VPN, or aren’t connecting to an https site, the criminal who set up that access point can scan all of your requests, entered passwords, and even direct you to malicious sites.
If you plan on attending the Olympics, have a great time – but be safe and smart and try to only connect to known wireless networks.